283 matches found
MAL-2025-190721 Malicious code in @asyncapi/web-component (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dd2dff5164da9cab0fa9cbd6684d231b19caa4cc57fe660f4d0ad2cd8573dc1a The package @asyncapi/web-component was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-198786
Malicious code in @asyncapi/web-component npm...
Malicious code in @asyncapi/web-component (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dd2dff5164da9cab0fa9cbd6684d231b19caa4cc57fe660f4d0ad2cd8573dc1a The package @asyncapi/web-component was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview geopost-web-component is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2025-36572
Malicious code in geopost-web-component npm...
Malicious code in geopost-web-component (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da57d3bad54c135655781ae00e108e90ad9a31f6eaa11327df5d4654a411f0d7 The package geopost-web-component was found to contain malicious code. Source: ghsa-malware...
MAL-2025-48947 Malicious code in geopost-web-component (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da57d3bad54c135655781ae00e108e90ad9a31f6eaa11327df5d4654a411f0d7 The package geopost-web-component was found to contain malicious code. Source: ghsa-malware...
CVE-2025-11183 Cross-Site Scripting Vulnerability in QWC2
Cross-Site Scripting vulnerability in attribute table in QGIS QWC2 2025.08.14 allows an authorized attacker to plant arbitrary JavaScript code in the page...
EUVD-2018-9308
Malware in sbrugna...
EUVD-1999-0752
Malware in sbrugna...
EUVD-2024-35891
Malicious code in bioql PyPI...
EUVD-2022-48190
Malicious code in bioql PyPI...
EUVD-2024-22362
Malicious code in bioql PyPI...
EUVD-2024-54351
Malicious code in bioql PyPI...
EUVD-2024-54353
Malicious code in bioql PyPI...
EUVD-2024-21123
Malicious code in bioql PyPI...
CVE-2025-56432
A cross-site scripting XSS vulnerability exists in Nagios XI 2024R2. The vulnerability allows remote attackers to execute arbitrary JavaScript in the context of a logged-in user's session via a specially crafted URL. The issue resides in a web component responsible for rendering performance-relat...
Malicious code in frontend-js-web-component (npm)
The package frontend-js-web-component was found to contain malicious code...
MAL-2025-20971 Malicious code in frontend-js-web-component (npm)
The package frontend-js-web-component was found to contain malicious code...
Liferay Portal and Liferay DXP vulnerable to Server-Side Request Forgery
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.4, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15, and 7.4 GA through update 92 allow a pre-authentication blind SSRF vulnerability in the...