280 matches found
MAL-2025-103077 Malicious code in general_falcon_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0673a92202c743357da81c5187bc36d05a550edbe373f7094cfbffb274832a74 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-109660 Malicious code in tiara-gandul78-ruro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 567bd0ee1edf9f0e60efd1c576d67eeb07003a8de9b176a9436dd43c910cdedb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in maya-lengko48-pore (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4d607950f73cce737872d8beaea003a169439c9a66b63d8c8cef7647555bf3e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CVE-2024-25621
containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths /var/lib/containerd,...
GHSA-MWMH-7PX9-4C23 ZITADEL Vulnerable to Account Takeover via Malicious Forwarded Header Injection
Impact A potential vulnerability exists in ZITADEL's password reset mechanism. ZITADEL utilizes the Forwarded or X-Forwarded-Host header from incoming requests to construct the URL for the password reset confirmation link. This link, containing a secret code, is then emailed to the user. If an...
PT-2025-44366
Name of the Vulnerable Software and Affected Versions Liferay Portal versions 7.4.0 through 7.4.3.119 Liferay DXP versions 2023.Q3.1 through 2023.Q4.10 and 2024.Q1.1 through 2024.Q1.5 Liferay Portal 7.4 GA through update 92 Older unsupported versions Description A flaw exists that allows remote...
CVE-2025-12351 Inadequate access control measure allows unauthorized users to access restricted administrative functions
Honeywell S35 Series Cameras contains an authorization bypass Vulnerability through User controller key. An attacker could potentially exploit this vulnerability, leading to Privilege Escalation to admin privileged functionalities . Honeywell also recommends updating to the most recent version of...
PT-2025-43548
Name of the Vulnerable Software and Affected Versions Vault versions prior to 1.21.0 Vault Enterprise versions prior to 1.21.0, 1.20.5, 1.19.11, and 1.16.27 Description The AWS Auth method in Vault and Vault Enterprise may allow authentication bypass if the bound principal iam role is identical...
Siemens Solid Edge
SUMMARY Solid Edge is affected by multiple file parsing vulnerabilities that could be triggered when the application reads specially crafted PRT files format. This could allow an attacker to crash the application or execute arbitrary code. Siemens has released new versions for the affected...
EUVD-2017-2919
Malware in sbrugna...
EUVD-2020-27456
Malware in sbrugna...
EUVD-2021-0849
Malware in sbrugna...
EUVD-2021-2187
Malware in sbrugna...
EUVD-2022-28257
Malicious code in bioql PyPI...
EUVD-2025-8256
Malicious code in bioql PyPI...
EUVD-2022-34251
Malicious code in bioql PyPI...
EUVD-2025-4085
Malicious code in bioql PyPI...
PT-2025-34932 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 8.15 through 18.1.4 GitLab CE/EE versions 18.2 through 18.2.4 GitLab CE/EE versions 18.3 through 18.3.0 Description: An authenticated user could cause a Denial of Service DoS condition by submitting URLs that generate...
PT-2025-34172 · Ubiquiti · Unifi Connect Display +2
Name of the Vulnerable Software and Affected Versions: UniFi Connect EV Station Pro versions 1.5.18 and earlier UniFi Connect Display versions 1.9.324 and earlier UniFi Connect Display Cast versions 1.9.301 and earlier UniFi Connect Display Cast Pro versions 1.0.78 and earlier UniFi Connect Displ...
PT-2025-33842 · Liferay · Liferay Dxp +1
Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.4.0 through 7.4.3.132 Liferay DXP versions 2025.Q2.0 through 2025.Q2.7 Liferay DXP versions 2025.Q1.0 through 2025.Q1.14 Liferay DXP versions 2024.Q4.0 through 2024.Q4.7 Liferay DXP versions 2024.Q3.1 through...