Malicious code in sharp-heic (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6db9ffb0551887208262a5445e00bde6f964551601c407e01dfd493ef1b144e5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in sharpdefender (NuGet)

--- -= Per source details. Do not edit below this line.=-...

Mganss HtmlSanitizer 跨站脚本漏洞

Mganss HtmlSanitizer is a C, AngleSharp based software from Mganss Individual Developers for use in clearing HTML code and documents from source code that could lead to XSS attacks. A cross-site scripting vulnerability exists in Mganss HtmlSanitizer versions prior to 2.0.3, which stems from a...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write through the gif decoder. An attacker can cause a crash using a specially crafted gif, potentially leading to denial of service by exploiting the out-of-bounds write condition. PoC using var image =...

ImageSharp 缓冲区错误漏洞

ImageSharp is a new, full-featured, fully managed, cross-platform 2D graphics API open-sourced by Six Labors. A buffer error vulnerability exists in ImageSharp versions prior to v3.1.7 and v2.1.10, which stems from an out-of-bounds write vulnerability in the gif decoder that could result in a cra...

CVE-2022-45796

Command injection vulnerability in nwinterface.html in SHARP multifunction printers MFPs's Digital Full-color Multifunctional System 202 or earlier, 120 or earlier, 600 or earlier, 121 or earlier, 500 or earlier, 402 or earlier, 790 or earlier, and Digital Multifunctional System Monochrome 200 or...

CVE-2024-43424

Sharp and Toshiba Tec MFPs improperly process HTTP request headers, resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products crashed...

CVE-2024-47549

Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, which may allow contamination of unintended data to HTTP response headers. Accessing a crafted URL which points to an affected product may cause malicious script executed on the web browser...

CVE-2024-36254

Out-of-bounds read vulnerability exists in Sharp Corporation and Toshiba Tec Corporation multiple MFPs multifunction printers, which may lead to a denial-of-service DoS condition...

CVE-2024-36249

Cross-site scripting vulnerability exists in Sharp Corporation and Toshiba Tech Corporation multiple MFPs multifunction printers. If this vulnerability is exploited, an arbitrary script may be executed on the administrative page of the affected MFPs. As for the details of affected product names,...

CVE-2024-42420

Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages. Crafted HTTP requests may cause affected products crashed...

CVE-2024-46873

Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be executed with the root privilege by a remote unauthenticated attacker...

CVE-2024-46873

Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be executed with the root privilege by a remote unauthenticated attacker...

CVE-2024-52321

Multiple SHARP routers contain an improper authentication vulnerability in the configuration backup function. The product's backup files containing sensitive information may be retrieved by a remote unauthenticated attacker...

CVE-2024-52321

Multiple SHARP routers contain an improper authentication vulnerability in the configuration backup function. The product's backup files containing sensitive information may be retrieved by a remote unauthenticated attacker...

CVE-2024-52321

Multiple SHARP routers contain an improper authentication vulnerability in the configuration backup function. The product's backup files containing sensitive information may be retrieved by a remote unauthenticated attacker...

CVE-2024-52321

CVE-2024-52321 affects SHARP routers via improper authentication in the configuration backup function, allowing a remote unauthenticated attacker to retrieve backup files containing sensitive information. Affected devices include home 5G HR02 (S5.82.00 and earlier), Wi‑Fi STATION SH-52B (S3.87.11...

CVE-2024-46873

CVE-2024-46873 concerns SHARP routers (SH-05L, SH-52B, SH-54C, HR02). The root cause is a hidden debug function that, when enabled, allows a remote unauthenticated attacker to execute arbitrary OS commands with root privileges. Public docs confirm this vulnerability alongside other SHARP router C...

CVE-2024-46873

Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be executed with the root privilege by a remote unauthenticated attacker...

CVE-2024-46873

Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be executed with the root privilege by a remote unauthenticated attacker...