GHSA-646X-M363-9RH4 node-opensl is malware

The node-opensl package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security...

node-opensl is malware

The node-opensl package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security...

Shopify: H1514 Lack of access control on edit packing slip template

Summary: An admin is able to edit the Edit packing slip template at /admin/settings/packingsliptemplate. However, a staff user with only "Home" permission and none other can view and also make edits to this template. Description: The Edit packing slip feature exists so an admin user can customize...

September 13, 2016 — KB3185614 (OS Build 10586.589)

September 13, 2016 — KB3185614 OS Build 10586.589 This update includes quality improvements and security fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability of Internet Explorer 11, USB, and the .NET framework. Addressed issue wit...

PSF-2018-7 xml package does not obey ignore_environment

On two occasions, the xml package uses environment variables to override parser / DOM implementations: xml.sax package and xml.dom.domreg module. On both occasions, the code should not use env vars to override module names, when the interpreter is started with flags like -E or -I...

GHSA-5CV7-R488-WC5X noderequest is malware

The noderequest package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security...

noderequest is malware

The noderequest package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security...

CVE-2018-16949

An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several data types used as RPC input variables were implemented as unbounded array types, limited only by the inherent 32-bit length field to 4 GB. An unauthenticated attacker could send, or claim to send, large input values...

Unspecified Vulnerability in NoMachine App for Android

NoMachine App for Android is a remote desktop application for the Android platform from NoMachine Luxembourg. A security vulnerability exists in NoMachine App for Android. An attacker can exploit the vulnerability to modify environment variables...

CVE-2018-0664

A vulnerability in NoMachine App for Android 5.0.63 and earlier allows attackers to alter environment variables via unspecified vectors...

CVE-2018-0664

A vulnerability in NoMachine App for Android 5.0.63 and earlier allows attackers to alter environment variables via unspecified vectors...

Design/Logic Flaw

A vulnerability in NoMachine App for Android 5.0.63 and earlier allows attackers to alter environment variables via unspecified vectors...

CVE-2018-0664

NoMachine App for Android contains an information alteration vulnerability that allows a remote attacker to modify environment variables, potentially leading to arbitrary code execution. Affected versions are NoMachine App for Android 5.0.63 and earlier; JVN notes the issue affects Android up to ...

CVE-2018-0664

A vulnerability in NoMachine App for Android 5.0.63 and earlier allows attackers to alter environment variables via unspecified vectors...

SeaCMS Code Execution Vulnerability

SeaCMS is a free and open source web content management system written in PHP. The system has been designed primarily to manage video-on-demand resources. A code execution vulnerability exists in SeaCMS version 6.61, which originates from the 'parseIf' function in the include/main.class.php file...

GHSA-72HV-RP4Q-Q7F3 babelcli is malware

The babelcli package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security concer...

babelcli is malware

The babelcli package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security concer...

GHSA-3WXQ-7R8M-QPMG ffmepg is malware

The ffmepg package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security concern ...

ffmepg is malware

The ffmepg package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security concern ...

GHSA-4X37-5RH2-HP8C node-opencv is malware

The node-opencv package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security...