Linux Distros Unpatched Vulnerability : CVE-2010-4207

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows...

Linux Distros Unpatched Vulnerability : CVE-2021-33829

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-site scripting XSS vulnerability in the HTML Data Processor in CKEditor 4 4.14.0 through 4.16.x before 4.16.1 allows remote attackers to inject executab...

Linux Distros Unpatched Vulnerability : CVE-2018-4133

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. Safari before 11.1 is affected. The issue involves the WebKit component. A Safari cross-site scripting XSS...

Linux Distros Unpatched Vulnerability : CVE-2021-44775

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS issue in Website app of Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier, allows remote attackers to inject arbitra...

PT-2025-34730 · Unknown · 1000Projects Online Project Report Submission/Evaluation System

Name of the Vulnerable Software and Affected Versions: 1000projects Online Project Report Submission and Evaluation System version 1.0 Description: A security issue exists in 1000projects Online Project Report Submission and Evaluation System 1.0. The vulnerability is related to a cross-site...

Linux Distros Unpatched Vulnerability : CVE-2016-5732

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple cross-site scripting XSS vulnerabilities in the partition-range implementation in templates/table/structure/displaypartitions.phtml in the...

Linux Distros Unpatched Vulnerability : CVE-2016-10202

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the path info to...

Linux Distros Unpatched Vulnerability : CVE-2016-4561

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in the cgierror function in CGI.pm in ikiwiki before 3.20160506 might allow remote attackers to inject arbitrary web scri...

Linux Distros Unpatched Vulnerability : CVE-2005-1308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML...

Linux Distros Unpatched Vulnerability : CVE-2018-6110

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Parsing documents as HTML in Downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to cause Chrome to execute scripts via a local non-HTML...

Linux Distros Unpatched Vulnerability : CVE-2013-2022

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple cross-site scripting XSS vulnerabilities in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.2.23 allow remote...

MAL-2025-191767 Malicious code in jsonist (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4c74a199a696dbc18994242bc3c29e9a018ddda51fa2bbe224620d9ded6f1818 Calling a method starts downloading and starting an infostealer script --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...

Malicious code in jsonist (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4c74a199a696dbc18994242bc3c29e9a018ddda51fa2bbe224620d9ded6f1818 Calling a method starts downloading and starting an infostealer script --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...

USN-6885-6 apache2 regression

USN-6885-1 fixed vulnerabilities in Apache. The patch for CVE-2024-38474 was incomplete and caused a regression. This update provides the fix for this issue. Original advisory details: Orange Tsai discovered that the Apache HTTP Server modrewrite module incorrectly handled certain substitutions. ...

PT-2025-32991 · Marktwo · Marktwo

Name of the Vulnerable Software and Affected Versions: MarkTwo versions prior to commit e3a1d3f90cce4ea9c26efcbbf3a1cbfb9dcdb298 May 2025 Description: A Cross-Site Scripting XSS issue exists in MarkTwo. The application does not properly sanitize user-supplied Markdown before rendering it, allowin...

Malicious code in flashsimplelogger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8c4753ee44e481f1f689cfaeddcddaef8dcdf86fbb1db19b3fe0acc2fadac305 It's a clone of "loguru" package which on import loads a second-stage script from loguru.guru. This makes a few checks and downloads the next stage, which is a...

MAL-2025-191729 Malicious code in flashsimplelogger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8c4753ee44e481f1f689cfaeddcddaef8dcdf86fbb1db19b3fe0acc2fadac305 It's a clone of "loguru" package which on import loads a second-stage script from loguru.guru. This makes a few checks and downloads the next stage, which is a...

MAL-2025-191928 Malicious code in web3dummycti (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9a702a53b1f08d4ee8e06e9dc19f6c942ee7bd755274f898a2ff737796557316 If the method from the module is called, it attempts to download a malicious code identified as msf payload and save it locally. In the analysed version, the...

Malicious code in web3dummycti (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9a702a53b1f08d4ee8e06e9dc19f6c942ee7bd755274f898a2ff737796557316 If the method from the module is called, it attempts to download a malicious code identified as msf payload and save it locally. In the analysed version, the...

Malicious code in loggerex (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7a27ca3e673f54a1e041d55e84b8a0e871239df2331c9a3fd1dbe20d1fa86f56 It's a clone of "loguru" package which on import loads a second-stage script from loguru.guru. This makes a few checks and downloads the next stage, which is a...