69 matches found

OSSF Malicious Packages
added 2026/06/10 7:28 p.m. · 9 views

Malicious code in telegramlite (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 be464abbf0e3f375f4865ac2802a6b6d96e7af1ce30984d84f464470cdef17dd Package exfiltrates data from the Telegram application to a remote location, effectively collecting Telegram sessions. --- Category: MALICIOUS - The campaign h...

5.5 AI score
Exploits 0 · References 1

OSSF Malicious Packages
added 2026/06/07 10:34 a.m. · 13 views

Malicious code in clip-logger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0ee6244e4630a085f305c933f50283a232dda9e0d8e0ba3bab2bb880e53a736d The package contains code to steal clipboard content to a predefined remote location. If run in the right way, the code will periodically check the clipboard a...

5.6 AI score
Exploits 0 · References 1

OSV
added 2026/06/07 10:34 a.m. · 10 views

MAL-2026-5293 Malicious code in clip-logger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0ee6244e4630a085f305c933f50283a232dda9e0d8e0ba3bab2bb880e53a736d The package contains code to steal clipboard content to a predefined remote location. If run in the right way, the code will periodically check the clipboard a...

5.6 AI score
Exploits 0 · References 1

OSSF Malicious Packages
added 2026/03/31 5:7 p.m. · 8 views

Malicious code in coredxloader (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b26408ee7735357c61e0a81e60620000999ef84eba419797b20858e5ce5b4a62 During importing, code starts a malicious script performing exfiltration of sensitive data and credentials from e.g. browsers and Discord clients to a remote...

6 AI score
Exploits 0 · References 1

OSSF Malicious Packages
added 2026/03/23 8:41 p.m. · 4 views

Malicious code in apachelicense (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9d96d45a87e117e72107d6d6dfbe8c4e94323323bc28ce9accd8ccba39a0a46c Malicious clone of legitimate "license" package. When using the findbykey function, the malicious code from strongly obfuscated files is loaded. It then at lea...

6 AI score
Exploits 0 · References 4

Cvelist
added 2026/02/04 4:47 p.m. · 25 views

CVE-2026-25055 n8n Arbitrary File Write on Remote Systems via SSH Node

n8n is an open source workflow automation platform. Prior to versions 1.123.12 and 2.4.0, when workflows process uploaded files and transfer them to remote servers via the SSH node without validating their metadata, the vulnerability can lead to files being written to unintended locations on those...

7.1 CVSS · 0.01713 EPSS
Exploits 0 · References 1

RedhatCVE
added 2025/08/31 12:4 a.m. · 3 views

CVE-2025-9595

A vulnerability was found in code-projects Student Information Management System 1.0. The impacted element is an unknown function of the file /login.php. The manipulation of the argument uname results in cross site scripting. The attack may be performed from a remote location. The exploit has bee...

6.1 CVSS · 5.4 AI score · 0.00364 EPSS
Exploits 1 · References 1

Positive Technologies
added 2025/08/28 12:0 a.m. · 3 views

PT-2025-35153

Name of the Vulnerable Software and Affected Versions: code-projects Student Information Management System version 1.0 Description: A cross site scripting issue exists due to the manipulation of the uname argument. The issue is located in an unknown function of the file /login.php. The attack can...

5.3 CVSS · 3.8 AI score · 0.00364 EPSS
Exploits 1 · References 9

OSSF Malicious Packages
added 2025/04/20 12:5 p.m. · 6 views

Malicious code in pyapiepo (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 69aee56f4c3bce704bc65574959aee0226417e4d6a6e05e662d6fa235c12815f Campaign is split into multiple packages that together exfiltrate data from desktop Telegram application. 1. "pyapiepo" is a cover package that provides som...

7.1 AI score
Exploits 0 · References 1

OSSF Malicious Packages
added 2025/04/20 12:5 p.m. · 4 views

Malicious code in zsender (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 64454f4348553cc0321094cffaef685d8977dd95ccf1c07dc54e2b8b3c39a8f0 Campaign is split into multiple packages that together exfiltrate data from desktop Telegram application. 1. "pyapiepo" is a cover package that provides som...

7.1 AI score
Exploits 0 · References 1

OSSF Malicious Packages
added 2025/04/20 12:5 p.m. · 3 views

Malicious code in zmaker (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2f4ac88a121488df2fdfa1cb5409f3443f658a30d679f20acc41dd2c656bd3b8 Campaign is split into multiple packages that together exfiltrate data from desktop Telegram application. 1. "pyapiepo" is a cover package that provides som...

7.1 AI score
Exploits 0 · References 1

NVD
added 2024/10/16 7:15 a.m. · 9 views

CVE-2020-36835

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to sensitive information disclosure of a WordPress site's database due to missing capability checks on the wp_ajax_wpvivid_add_remote AJAX action that allows low-level authenticated attackers to send back-ups to a remote...

6.5 CVSS · 0.00541 EPSS
Exploits 0 · References 3

CVE
added 2024/10/16 6:43 a.m. · 55 views

CVE-2020-36835

The CVE-2020-36835 entry concerns the WordPress WPvivid Migration, Backup, Staging plugin. Affected component: wp_ajax_wpvivid_add_remote AJAX action. Root cause: missing capability checks allow low‑level authenticated attackers to exfiltrate the WordPress site database by sending backups to a re...

6.5 CVSS · 4.8 AI score · 0.00541 EPSS
Exploits 0 · References 3 · Affected Software 1

Positive Technologies
added 2024/09/03 12:0 a.m. · 2 views

PT-2024-26082 · Samsung · Samsung Assistant

Name of the Vulnerable Software and Affected Versions: Samsung Assistant versions prior to 9.1.00.7 Description: The issue is related to the improper handling of insufficient permissions in Samsung Assistant, allowing remote attackers to access location data. User interaction is required for...

4.3 CVSS · 7.2 AI score · 0.00323 EPSS
Exploits 0 · References 5

CVE
added 2024/08/28 11:49 a.m. · 51 views

CVE-2024-6449

HyperView Geoportal Toolkit (versions

6.5 CVSS · 6.9 AI score · 0.0035 EPSS
Exploits 0 · References 2 · Affected Software 1

BDU FSTEC
added 2024/03/15 12:0 a.m. · 3 views

The vulnerability of the JetBrains YouTrack project management and task management software, related to deficiencies in authentication mechanisms, allows attackers to circumvent existing security restrictions.

The vulnerability of the JetBrains YouTrack project and task management software is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions from a remote location...

6.8 CVSS · 6.6 AI score · 0.0052 EPSS
Exploits 0 · References 3 · Affected Software 1

BDU FSTEC
added 2023/11/14 12:0 a.m. · 2 views

The vulnerability of the WebAudio component in Google Chrome and Microsoft Edge allows a hacker to execute arbitrary code.

The vulnerability of the WebAudio component in Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code through a specially created HTML page from a remote location...

10 CVSS · 8.1 AI score · 0.01976 EPSS
Exploits 0 · References 11 · Affected Software 5

NVD
added 2023/06/12 4:15 p.m. · 20 views

CVE-2023-34212

The JndiJmsConnectionFactoryProvider Controller Service, along with the ConsumeJMS and PublishJMS Processors, in Apache NiFi 1.8.0 through 1.21.0 allow an authenticated and authorized user to configure URL and library properties that enable deserialization of untrusted data from a remote location...

6.5 CVSS · 6.4 AI score · 0.02351 EPSS
Exploits 1 · References 3

OSV
added 2023/03/30 8:16 p.m. · 71 views

GHSA-7X45-PHMR-9WQP Arbitrary file write in mindsdb when Extracting Tarballs retrieved from a remote location

Summary: An unsafe extraction is being performed using shutil.unpack_archive from a remotely retrieved tarball, which may lead to the writing of the extracted files to an unintended location. This vulnerability is sometimes called a TarSlip or a ZipSlip variant. Details: Unpacking files using the...

8.5 CVSS · 8.7 AI score · 0.00883 EPSS
Exploits 1 · References 7

OSV
added 2023/02/28 4:15 p.m. · 2 views

CVE-2023-25266

An issue was discovered in Docmosis Tornado prior to version 2.9.5. An authenticated attacker can change the Office directory setting pointing to an arbitrary remote network path. This triggers the execution of the soffice binary under the attacker's control leading to arbitrary remote code...

8.8 CVSS · 7.9 AI score · 0.01634 EPSS
Exploits 1 · References 2