7840 matches found
MAL-2025-44055 Malicious code in dotenv-parse-variables-playwright-pyxis-geochronology (npm)
The package dotenv-parse-variables-playwright-pyxis-geochronology was found to contain malicious code...
Malicious code in kuiperbelt-miranda-dotenv-parse-variables-radiant (npm)
The package kuiperbelt-miranda-dotenv-parse-variables-radiant was found to contain malicious code...
Malicious code in dotenv-parse-variables-typeorm-spectron-fusion (npm)
The package dotenv-parse-variables-typeorm-spectron-fusion was found to contain malicious code...
Malicious code in meteor-dotenv-parse-variables-callback-kaus (npm)
The package meteor-dotenv-parse-variables-callback-kaus was found to contain malicious code...
MAL-2025-46151 Malicious code in style-loader-impulse-acamar-dotenv-parse-variables (npm)
The package style-loader-impulse-acamar-dotenv-parse-variables was found to contain malicious code...
MAL-2025-44147 Malicious code in equinox-rate-limiter-auriga-dotenv-parse-variables (npm)
The package equinox-rate-limiter-auriga-dotenv-parse-variables was found to contain malicious code...
MAL-2025-44054 Malicious code in dotenv-parse-variables-oauth-pavo-meteor (npm)
The package dotenv-parse-variables-oauth-pavo-meteor was found to contain malicious code...
MAL-2025-44929 Malicious code in kuiperbelt-miranda-dotenv-parse-variables-radiant (npm)
The package kuiperbelt-miranda-dotenv-parse-variables-radiant was found to contain malicious code...
MAL-2025-45181 Malicious code in meteor-dotenv-parse-variables-callback-kaus (npm)
The package meteor-dotenv-parse-variables-callback-kaus was found to contain malicious code...
MAL-2025-44053 Malicious code in dotenv-parse-variables-norma-andromeda-testcafe (npm)
The package dotenv-parse-variables-norma-andromeda-testcafe was found to contain malicious code...
MAL-2025-44051 Malicious code in dotenv-parse-variables-cluster-mongoose-xanthus (npm)
The package dotenv-parse-variables-cluster-mongoose-xanthus was found to contain malicious code...
QEMU 安全漏洞
QEMU Quick Emulator is a suite of simulation processor software by Fabrice Bellard, an individual developer in France. The software is fast and cross-platform. QEMU suffers from a security vulnerability that stems from the fact that an attacker can bypass access restrictions via uefi-vars, which...
Linux Distros Unpatched Vulnerability : CVE-2025-24959
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - zx is a tool for writing better scripts. An attacker with control over environment variable values can inject unintended environment variables into process.env...
Moderate: Red Hat Security Advisory: Red Hat build of Keycloak 26.0.15 Images Update
New images are available for Red Hat build of Keycloak 26.0.15 and Red Hat build of Keycloak 26.0.15 Operator, running on OpenShift Container Platform Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Ha...
org.keycloak/keycloak-model-storage-service: Variable injection into environment variables
A flaw was found in org.keycloak/keycloak-model-storage-service. The KeycloakRealmImport custom resource substitutes placeholders within imported realm documents, potentially referencing environment variables. This substitution process allows for injection attacks when crafted realm documents are...
org.keycloak/keycloak-model-storage-service: Variable injection into environment variables
A flaw was found in org.keycloak/keycloak-model-storage-service. The KeycloakRealmImport custom resource substitutes placeholders within imported realm documents, potentially referencing environment variables. This substitution process allows for injection attacks when crafted realm documents are...
QEMU uefi-vars Uninitialized Memory Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of QEMU. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the uefi-vars...
Unsanitized NUL in environment variables on Windows in syscall and os/exec
...
Unintentional exposure of environment variables to subprocesses in sentry-sdk
...
Linux Distros Unpatched Vulnerability : CVE-2019-14802
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HashiCorp Nomad 0.5.0 through 0.9.4 fixed in 0.9.5 reveals unintended environment variables to the rendering task during template rendering, aka...