57 matches found
Malicious code in @zitterorg/quas-autem (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 72cb58ac971db45abdc606990ed4beb58af4c492b4449ba03800f624adb34c10 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2024-7263 · 1с · Bitrix24 +1
Name of the Vulnerable Software and Affected Versions: 1C-Bitrix Bitrix24 version 23.300.100 Description: The issue concerns insufficiently protected credentials in SMTP server settings, allowing remote administrators to send SMTP account passwords to an arbitrary server via an HTTP POST request...
Malicious code in custom-header-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 21903596de696f90e7f282e9b7b39253671854a1f17f93630e04da0d8779743f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in wlwz-2312-7203 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eca988c947076e48f83a1f7313ba1e0977b7f91607c90e60189351028c247e9c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Clear Text Credentials Exposed via Onboarding Task
Impact When credentials are provided while creating an OnboardingTask they may be visible via the Job Results view under the Additional Data tab as args for the Celery Task execution. This only applies to OnboardingTasks that are created with credentials specified while on v2.0.0-2.0.2 of Nautobo...
PYSEC-2023-288
The Nautobot Device Onboarding plugin uses the netmiko and NAPALM libraries to simplify the onboarding process of a new device into Nautobot down to, in many cases, an IP Address and a Location. Starting in version 2.0.0 and prior to version 3.0.0, credentials provided to onboarding task are...
Malicious code in digital-staticsite (npm)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 7cf28f9b3aee1deb96e037e6f68421b07112de0026dc8406174bfc2f416ccd3e Malicious packages campaign since 2021 targeting developers, steals source code and secrets Source: ghsa-malware...
GHSA-5R3H-C3R7-9W4H Apache Pulsar Disabled Certificate Validation for OAuth Client Credential Requests makes C++/Python Clients vulnerable to MITM attack
The Apache Pulsar C++ Client does not verify peer TLS certificates when making HTTPS calls for the OAuth2.0 Client Credential Flow, even when tlsAllowInsecureConnection is disabled via configuration. This vulnerability allows an attacker to perform a man in the middle attack and intercept and/or...
Malicious code in ruby-on-rails-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 34c450a4a909b2cff0881264fc0cacab1b54bdb89064e08b2c17d897a4cfc2dd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in bulbul (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d84ae8be2621338005d938e0b31513d438aabbe15ed0e5f398e46b9f68759b9c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in teamcity-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 966b43d3855a0deb55b7e4498d6ba381240981ced1ae568dbce283150abac8e5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in free-fortnite-skins-dec (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad6b7072a59818a84fd0ffc2db81828c56bcf20e392ed3b5a31d4432c0da1597 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in apm-synthtrace (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 501f87c261d9652eac673b3a97c22007a4d65d77b7511efef4882fa25a86b153 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-24716 Path traversal in Icinga Web 2
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including icingaweb2 configuration files with database credentials. This issue has been resolv...
GHSA-6879-XR95-5GF4 Malicious Package in malicious-do-not-install
All versions of malicious-do-not-install contain malicious code. The package copies the contents of /etc/passwd and /etc/shadow to files in the local /tmp/ folder. Recommendation Remove the package from your environment and rotate affected credentials...
Malicious Package in soket.js
All versions of soket.js are considered malicious. The package is malware designed to take advantage of users making a mistake when typing the name of a module to install. When executed, the package calls home to a Command and Control server to execute arbitrary commands. Recommendation This...
Elastic Cloud on Kubernetes 1.1.0 security update
Elastic Cloud on Kubernetes insecure password generation ESA-2020-03 Elastic Cloud on Kubernetes ECK versions prior to 1.1.0 generate passwords using a weak random number generator. If an attacker is able to determine when the current Elastic Stack cluster was deployed they may be able to more...