4572 matches found
Akinsoft MyRezzta 安全漏洞
Aiseesoft is a technology company specializing in software development. Akinsoft MyRezzta has a security vulnerability that stems from improper execution of behavioral workflows and uncontrolled consumption of resources, no details of the vulnerability are provided at this time...
PT-2025-35702
Name of the Vulnerable Software and Affected Versions: Akinsoft MyRezzta versions s2.02.02 through v2.05.01 Description: An improper enforcement of behavioral workflow and uncontrolled resource consumption issue exists in Akinsoft MyRezzta, allowing for input data manipulation. This issue is...
Sim Studio 代码问题漏洞
Sim Studio is an AI proxy workflow builder for Sim Studio open source. A code issue vulnerability exists in Sim Studio that stems from a misbehavior in the file apps/sim/app/api/proxy/image/route.ts that results in server-side request forgery...
CVE-2025-55526
n8n-workflows Main Commit ee25413 allows attackers to execute a directory traversal via the downloadworkflow function within apiserver.py...
MAL-2025-41439 Malicious code in @nx/js (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 3c2a892d723eab92005e851787f5a482f8d1a64259e6dda10ee1d097c0123a84 The nx project and associated plugins were compromised via a vulnerable GitHub workflow that allowed code injection and the theft of an NP...
Malicious code in @nx/node (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 2af988f9c4fc2229b1c898c346bb959612eb11fe9a5065e686c47328bee221e0 The nx project and associated plugins were compromised via a vulnerable GitHub workflow that allowed code injection and the theft of an NP...
MAL-2025-41437 Malicious code in @nx/enterprise-cloud (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a8a1b6e74c68b5c6901f2ea242469aa5a34ffec9ddc3fb92267b3d1627123267 The nx project and associated plugins were compromised via a vulnerable GitHub workflow that allowed code injection and the theft of an NP...
Malicious code in @nx/eslint (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 28938ac9b6855425f3f452af308a0335a4dc5eb1c23ba08865c5cc5be914783e The nx project and associated plugins were compromised via a vulnerable GitHub workflow that allowed code injection and the theft of an NP...
Malicious code in @nx/js (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 3c2a892d723eab92005e851787f5a482f8d1a64259e6dda10ee1d097c0123a84 The nx project and associated plugins were compromised via a vulnerable GitHub workflow that allowed code injection and the theft of an NP...
Malicious code in nx (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 94e241aa8202f641d66991ca134d9c18bf1fecbf8e89c2f2052aa2a7a41e5148 The nx project and associated plugins were compromised via a vulnerable GitHub workflow that allowed code injection and the theft of an NP...
Malicious code in @nx/workspace (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security de4f725d7676817771f8e239509ac7b8d148e2c69e16a7c8129d87e88f992988 The nx project and associated plugins were compromised via a vulnerable GitHub workflow that allowed code injection and the theft of an NP...
Malicious code in @nx/devkit (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 82ff2a985875be92c4e6805f2f65ae5435da3dcda53d0caebed254db81dd0b62 The nx project and associated plugins were compromised via a vulnerable GitHub workflow that allowed code injection and the theft of an NP...
MAL-2025-41441 Malicious code in @nx/node (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 2af988f9c4fc2229b1c898c346bb959612eb11fe9a5065e686c47328bee221e0 The nx project and associated plugins were compromised via a vulnerable GitHub workflow that allowed code injection and the theft of an NP...
MAL-2025-41442 Malicious code in @nx/workspace (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security de4f725d7676817771f8e239509ac7b8d148e2c69e16a7c8129d87e88f992988 The nx project and associated plugins were compromised via a vulnerable GitHub workflow that allowed code injection and the theft of an NP...
MAL-2025-41438 Malicious code in @nx/eslint (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 28938ac9b6855425f3f452af308a0335a4dc5eb1c23ba08865c5cc5be914783e The nx project and associated plugins were compromised via a vulnerable GitHub workflow that allowed code injection and the theft of an NP...
MAL-2025-41440 Malicious code in @nx/key (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a77d672a4263588b96bbf3fbf8ddbd4e1e7b6ee0bccd619a447bf9e301883b3 The package @nx/[email protected] is published under the @nx scope and ships a heavily obfuscated JavaScript file native.js using hex-mangled identifiers...
MAL-2025-41436 Malicious code in @nx/devkit (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 82ff2a985875be92c4e6805f2f65ae5435da3dcda53d0caebed254db81dd0b62 The nx project and associated plugins were compromised via a vulnerable GitHub workflow that allowed code injection and the theft of an NP...
MAL-2025-41443 Malicious code in nx (npm)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 94e241aa8202f641d66991ca134d9c18bf1fecbf8e89c2f2052aa2a7a41e5148 The nx project and associated plugins were compromised via a vulnerable GitHub workflow that allowed code injection and the theft of an NP...
CVE-2025-34161
Coolify versions prior to v4.0.0-beta.420.7 are vulnerable to a remote code execution vulnerability in the project deployment workflow. The platform allows authenticated users, with low-level member privileges, to inject arbitrary shell commands via the Git Repository field during project creatio...
GHSA-CXM3-WV7P-598C Malicious versions of Nx were published
Summary Malicious versions of the nx package, as well as some supporting plugin packages, were published to npm, containing code that scans the file system, collects credentials, and posts them to GitHub as a repo under user's accounts. Immediate Actions Required For all users, check if you were...