3502 matches found
CVE-2025-53514
Mattermost Confluence Plugin (versions
CVE-2025-53514 Unexpected Input to Server Webhook endpoint Causes DoS in Mattermost Confluence Plugin
Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body...
CVE-2025-53514 Unexpected Input to Server Webhook endpoint Causes DoS in Mattermost Confluence Plugin
Mattermost Confluence Plugin version 1.5.0 fails to handle unexpected request body which allows attackers to crash the plugin via constant hit to server webhook endpoint with an invalid request body...
CVE-2025-47907 vulnerabilities
Vulnerabilities for packages: zot, flux-image-automation-controller, witness, esbuild, mattermost, kaf, licenseclassifier, trust-manager, smarter-device-manager, fixuid, spicedb, promxy, newrelic-infra-operator, metrics-server, trino, verticadb-operator, nri-rabbitmq, k8ssandra-operator, kind,...
GHSA-J5PM-7495-QMR3 vulnerabilities
Vulnerabilities for packages: trivy, datadog-agent, influxd, caddy, crossplane-provider-azure-managedidentity, fulcio, http-echo, kube-bench, custom-pod-autoscaler-fips, ingress-nginx-controller, opa, postgres-operator-fips, docker-machine-driver-harvester, loki-3.6,...
Malicious code in prof-tg-dooorto-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b4b5d4d87a39a286c8665b40b510ac0016d0b71fcc83fde246dd1bca7402af09 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
MAL-2025-191824 Malicious code in prof-tg-dooorto-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b4b5d4d87a39a286c8665b40b510ac0016d0b71fcc83fde246dd1bca7402af09 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
Malicious code in prof-tg-to-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e590e0ed82342410566d6866a770346dcbe14dc6f93bc6294d245148d6c28a51 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
MAL-2025-191828 Malicious code in prof-tg-to-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e590e0ed82342410566d6866a770346dcbe14dc6f93bc6294d245148d6c28a51 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
Malicious code in prof-tg-go-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e68d60babccd176fc8f6620e7b711731ff8d6b200d2141b318f1f09482c5a903 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
MAL-2025-191827 Malicious code in prof-tg-go-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e68d60babccd176fc8f6620e7b711731ff8d6b200d2141b318f1f09482c5a903 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
Malicious code in prof-tg-gjho-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4eda95abcb7e3957c90ff671377cce017006e93aa74b673b13ef8588c9615d14 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
MAL-2025-191826 Malicious code in prof-tg-gjho-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4eda95abcb7e3957c90ff671377cce017006e93aa74b673b13ef8588c9615d14 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
Malicious code in prof-tg-gdghho-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6df3141fefe81c96a851af6c8844be2deba7f120c5700fed083ef85087a132b0 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
MAL-2025-191825 Malicious code in prof-tg-gdghho-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6df3141fefe81c96a851af6c8844be2deba7f120c5700fed083ef85087a132b0 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
Malicious code in prof-tg-dggrto-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a9dba23d808b6cdccaa1ceb5d393dd3b7774d71a2fdcde19ef7e1ea927a386ce Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
MAL-2025-191823 Malicious code in prof-tg-dggrto-qu (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a9dba23d808b6cdccaa1ceb5d393dd3b7774d71a2fdcde19ef7e1ea927a386ce Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
Malicious code in udn_extras (npm)
The package is a malware because it contains a postinstall script that executes index.js. The index.js script gathers sensitive information such as hostname, platform, username, IP address, and environment variables and sends it to an external server webhook.site via an HTTPS POST request. This...
Malicious code in prof-qux (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5b87af8d8f13bd43c1cf3490ea551b8d60fe05a482875597ef2fe5d2c200ca19 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...
MAL-2025-191821 Malicious code in prof-qux (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 5b87af8d8f13bd43c1cf3490ea551b8d60fe05a482875597ef2fe5d2c200ca19 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...