190 matches found
EUVD-2021-0502
Malware in sbrugna...
EUVD-2020-0547
Malware in sbrugna...
EUVD-2024-1878
Malicious code in bioql PyPI...
EUVD-2023-53715
Malicious code in bioql PyPI...
EUVD-2023-2077
Malicious code in bioql PyPI...
EUVD-2022-0421
Malicious code in bioql PyPI...
EUVD-2022-6512
Malicious code in bioql PyPI...
EUVD-2022-7419
Malicious code in bioql PyPI...
EUVD-2023-34971
Malicious code in bioql PyPI...
EUVD-2022-7153
Malicious code in bioql PyPI...
EUVD-2023-1528
Malicious code in bioql PyPI...
Malicious code in socket.io-rails (npm)
The package socket.io-rails was found to contain malicious code...
MAL-2025-33595 Malicious code in socket.io-rails (npm)
The package socket.io-rails was found to contain malicious code...
CVE-2023-37899
Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. Feathers socket handler did not catch invalid string conversion errors like const message = $ toString: '' which would cause the NodeJS process to crash when sending an unexpected Socket.io...
Soundcraft Ui Series 安全漏洞
Soundcraft Ui Series is a professional audio mixer from Soundcraft. A security vulnerability exists in the Soundcraft Ui Series Models Ui12 and Ui16 Firmware versions 1.0.7x and 1.0.5x, which originates in the /socket.io/1/websocket/ component that could lead to the disclosure of administrator...
Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in Socket.IO
Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of Socket.IO Vulnerability Details CVEID:CVE-2024-38355 DESCRIPTION: Socket.IO is vulnerable to a denial of service. By sending a specially crafted Socket.IO packet, a remote attacker could exploit this vulnerability to trigg...
Security Bulletin: Multiple vulnerabilities present in IBM Answer Retrieval for Watson Discovery versions 2.17 and earlier
Summary This fix upgrades to Websphere Liberty 24.0.0.6, socket.io 3.0.2, and grpc-js 1.8.22. Websphere Liberty is used by the IBM Answer Retrieval for Watson Discovery swagger microservice. Socket.io and grpc-js are used by the IBM Answer Retrieval for Watson Discovery user interfaces for...
Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to denial of service [CVE-2024-38355]
Summary Socket.IO is used by IBM App Connect Enterprise Certified Container for real-time UI updates. IBM App Connect Enterprise Certified Container DesignerAuthoring operands are vulnerable to denial of service. This bulletin provides patch information to address the reported vulnerability in...
MAL-2024-3030 Malicious code in socket.io-client-v2 (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2024-38355
A vulnerability was found in Socket.IO where a specially crafted packet can trigger an uncaught exception on the server, causing the Node.js process to crash. When the server receives this malformed packet, it results in an unhandled error event that stops the Socket.IO server from functioning...