78 matches found
Malicious code in career-service-client (npm)
Source: checkmarx (d053ab0c6c3eb4184d3e98ecd922d23cc351f70a7df8a410d1271644721481ac). Malicious packages campaign since 2021 targeting developers, steals source code and secrets. Source: ghsa-malware...
Malicious code in service-client-ebay (npm)
Source: ghsa-malware (81133afd96840f03b4b34fcc3f650cf01fa899ee95fac5471d1b540947833c58). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6030 Malicious code in service-client-ebay (npm)
Source: ghsa-malware (81133afd96840f03b4b34fcc3f650cf01fa899ee95fac5471d1b540947833c58). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview: share-service-client is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...
MAL-2022-4437 Malicious code in lyft-service-plugin-service-client (npm)
Source: ghsa-malware (11cae99f45bda0d06253e5365230657a357f371ef6c198cd92758d6f960e8a55). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in share-service-client (npm)
Source: ghsa-malware (573a919a5f99a385c49e135f43877bdf5ce7d34922b04e65a44fea212284a3a1). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
xstream: Arbitrary code execution via unsafe deserialization of com.sun.xml.internal.ws.client.sei.*
A flaw was found in xstream, a simple library used to serialize objects to XML and back again. This flaw allows a remote attacker to load and execute arbitrary code from a remote host by manipulating the processed input stream. The highest threat from this vulnerability is to confidentiality,...
CVE-2019-5105
An exploitable memory corruption vulnerability exists in the Name Service Client functionality of 3S-Smart Software Solutions CODESYS GatewayService. A specially crafted packet can cause a large memcpy, resulting in an access violation and termination of the process. An attacker can send a packet...
CVE-2019-5105
A memory‑corruption vulnerability exists in the 3S-Smart CODESYS GatewayService Name Service Client. A crafted packet can trigger a large memcpy, causing an access violation and process termination. The issue affects all CODESYS V3 products prior to V3.5.16.10 that contain CmpRouter or CmpRouterE...
3S-Smart Software Solutions CODESYS GatewayService Buffer Overflow Vulnerability
3S-Smart Software Solutions CODESYS GatewayService is a gateway service for use in CODESYS products from 3S-Smart Software Solutions, Germany. A buffer overflow vulnerability exists in the Name Service Client feature in 3S-Smart Software Solutions CODESYS GatewayService version 3.5.13.20, which c...
3S-Smart Software Solutions CODESYS GatewayService memory corruption vulnerability
Summary: An exploitable memory corruption vulnerability exists in the Name Service Client functionality of 3S-Smart Software Solutions CODESYS GatewayService. A specially crafted packet can cause a large memcpy, resulting in an access violation and termination of the process. An attacker can send ...
CVE-2015-2929
The Hidden Service (HS) client implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote servers to cause a denial of service (assertion failure and application exit) via a malformed HS descriptor...
CVE-2012-1105
An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner...
LeakVM - Research & Pentesting Framework For Android, Run Security Tests Instantly
LeakVM: Run security tests instantly. Why LeakVM: LeakVM offers fast security testing on Android. By skipping the time-consuming build of pen-testing laboratories, you can test on real devices or virtual devices. LeakVM makes researchers and pen-testers more productive since they can run the test on real tim...
EUVD-2014-3550
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by...
PT-2012-1524
Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to 0.9.8l; OpenSSL versions 0.9.8m through 1.x. Description: The issue allows remote attackers to cause a denial of service, specifically CPU consumption, by performing many renegotiations within a single connection. This i...
CVE-2010-2156
ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of service (server exit) via a zero-length client ID...
CVE-2007-4755
Alien Arena 2007 6.10 and earlier allows remote attackers to cause a denial of service (client disconnect) by sending a client_connect command in a forged packet from the server to a client. NOTE: client IP addresses are available via product-specific queries...