108 matches found
MAL-2025-155008 Malicious code in fatidra-nutasyua-isaufy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e7da5494e48e6fadfb6b6b1775091eea12da0b78ceed684beb63b2968a665c66 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-126980 Malicious code in hadi-empal3-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54f42324ffd34b65366598af839daa4d944ee1773faaa65f8903e28af33d8031 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-92248 Malicious code in wibowo-naget41-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0debba03b8dabad96cc6b2f90be0432b49ab4455793587af51fc14851463c29c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2019-1032
Malware in sbrugna...
EUVD-2007-4894
Malware in sbrugna...
EUVD-2019-14002
Malware in sbrugna...
EUVD-2018-1324
Malware in sbrugna...
EUVD-2025-28623
Malicious code in bioql PyPI...
JetBrains TeamCity Information Disclosure Vulnerability
JetBrains TeamCity is a Continuous Integration/Continuous Deployment CI/CD tool developed by JetBrains to automate the software build, test, and deployment process with support for multiple programming languages and tools. JetBrains TeamCity suffers from an information disclosure vulnerability th...
CVE-2025-57734
In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files...
CVE-2025-57734
In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files...
CVE-2025-57734
In JetBrains TeamCity, versions prior to 2025.07.1 expose AWS credentials inside Docker script files, constituting an information disclosure vulnerability. Supported by multiple sources in the connected set (e.g., Red Hat advisory and PT Security note) consistently identifying the affected softwa...
CVE-2025-57734
In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files...
JetBrains TeamCity 安全漏洞
JetBrains TeamCity is a Continuous Integration/Continuous Deployment CI/CD tool developed by JetBrains to automate the software build, test, and deployment process with support for multiple programming languages and tools. JetBrains TeamCity suffers from an information disclosure vulnerability th...
PT-2025-34035 · Jetbrains · Teamcity
Name of the Vulnerable Software and Affected Versions: TeamCity versions prior to 2025.07.1 Description: TeamCity was affected by an issue where AWS credentials were exposed in Docker script files. Recommendations: Update to TeamCity version 2025.07.1 or later...
CVE-2020-6288
SAP Business Objects Business Intelligence Platform Web Intelligence HTML interface allows an attacker with edit document rights to upload any file including script files without proper file format validation leading to Unrestricted upload of file with dangerous type vulnerability. The attacker c...
CVE-2025-24375
The CVE-2025-24375 entry concerns the Charmed MySQL K8s operator (and machine operator) with credential leakage risk. Root cause: the operator calls the mysql-shell/DDL scripts by writing a temporary script file containing full URIs with user credentials, created with read permissions (0644); unp...
PT-2024-34371 · Schrödinger · Pymol
Name of the Vulnerable Software and Affected Versions: PyMOL version 2.5.0 Description: The issue arises from the "Run Script" function in PyMOL, which allows the execution of arbitrary Python code embedded within .PYM files. This enables attackers to craft malicious .PYM files containing Python...
WordPress plugin CSS JS Files 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...
GHSA-6CJ3-RC4P-F38F Cross-site Scripting vulnerabilities in Neos
It has been discovered that Neos is vulnerable to several XSS attacks. Through these vulnerabilities, an attacker could tamper with page rendering, redirect victims to a fake login page, or capture user credentials such as cookies. With the potential backdoor upload an attacker could gain access ...