3506 matches found
VulnCheck KEV: CVE-2025-7441
The StoryChief plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 1.0.42. This vulnerability occurs through the /wp-json/storychief/webhook REST-API endpoint that does not have sufficient filetype validation. This makes it possible for unauthenticat...
Malicious code in fivetran-webhook-example-express (npm)
The package fivetran-webhook-example-express was found to contain malicious code...
MAL-2025-20626 Malicious code in fivetran-webhook-example-express (npm)
The package fivetran-webhook-example-express was found to contain malicious code...
MAL-2025-39010 Malicious code in webhook_client (npm)
The package webhookclient was found to contain malicious code...
CVE-2025-54463
Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body...
CVE-2025-53514
Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body...
Malicious code in pycrackhash (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b3323afe460298d80a354497acdd641752c5fb6bce2dce3d7e7625d7a46f1d7c When using methods from the package, it downloads an obfuscated code from Github and puts it in multiple localisation. While it appears that this code is used ...
MAL-2025-191832 Malicious code in pycrackhash (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b3323afe460298d80a354497acdd641752c5fb6bce2dce3d7e7625d7a46f1d7c When using methods from the package, it downloads an obfuscated code from Github and puts it in multiple localisation. While it appears that this code is used ...
Malicious code in kertash (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3cb3ef6da7e0d1c1461bb944c5ff0e356b73e52d271afa9e94435097f1d0764f When using methods from the package, it downloads an obfuscated code from Github and puts it in multiple localisation. While it appears that this code is used ...
MAL-2025-191774 Malicious code in kertash (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3cb3ef6da7e0d1c1461bb944c5ff0e356b73e52d271afa9e94435097f1d0764f When using methods from the package, it downloads an obfuscated code from Github and puts it in multiple localisation. While it appears that this code is used ...
Improper Check for Unusual or Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions via the constant hits to the server webhook endpoint with an invalid request body. An attacker can cause the plugin to crash by repeatedly sending invalid request bodies to the...
Improper Check for Unusual or Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions via the webhook endpoints. An attacker can cause the plugin to crash by repeatedly sending invalid request bodies to the server. Remediation Upgrade...
Improper Check for Unusual or Exceptional Conditions
Overview Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions via the webhook endpoints. An attacker can cause the plugin to crash by repeatedly sending invalid request bodies to the server. Remediation Upgrade...
GHSA-W92J-C6GR-HJ8R Mattermost Confluence Plugin has Improper Check for Unusual or Exceptional Conditions
Mattermost Confluence Plugin versions 1.5.0 fail to handle unexpected request bodies, allow\ing attackers to crash the plugin via constant hits to the server webhook endpoint with an invalid request body...
Mattermost Confluence Plugin has Improper Check for Unusual or Exceptional Conditions
Mattermost Confluence Plugin versions 1.5.0 fails to handle unexpected request bodies, allowing attackers to crash the plugin via constant hits to the server webhook endpoint with an invalid request body...
Mattermost Confluence Plugin has Improper Check for Unusual or Exceptional Conditions
Mattermost Confluence Plugin versions 1.5.0 fail to handle unexpected request bodies, allow\ing attackers to crash the plugin via constant hits to the server webhook endpoint with an invalid request body...
GHSA-GJPM-6W34-PPVF Mattermost Confluence Plugin has Improper Check for Unusual or Exceptional Conditions
Mattermost Confluence Plugin versions 1.5.0 fails to handle unexpected request bodies, allowing attackers to crash the plugin via constant hits to the server webhook endpoint with an invalid request body...
CVE-2025-54463
Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body...
CVE-2025-54463
Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body...
CVE-2025-53514
Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body...