MAL-2025-184770 Malicious code in poliaoz-aik-avuhusibvaku (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc71c714bc92811b886b32f9afbfe27994ec75d9a07fee0c40f73e25a5ead4b0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-164373 Malicious code in poliaoz-aik-al (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb3e695a597947b7c63a9b37f329c9e13a815c61b3d71c255b6cae16209e7d4a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in poliaoz-aik-al (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eb3e695a597947b7c63a9b37f329c9e13a815c61b3d71c255b6cae16209e7d4a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-9738 Malicious code in @zalastax/nolb-_aik (npm)

The package @zalastax/nolb-aik was found to contain malicious code...

GHSA-F4R5-Q63F-GCWW Keylime registrar and (untrusted) Agent can be bypassed by an attacker

Impact A security issue was found in the Keylime registrar code which allows an attacker to effectively bypass the challenge-response protocol used to verify that an agent has indeed access to an AIK which in indeed related to the EK. When an agent starts up, it will contact a registrar and provi...

Keylime registrar and (untrusted) Agent can be bypassed by an attacker

Impact A security issue was found in the Keylime registrar code which allows an attacker to effectively bypass the challenge-response protocol used to verify that an agent has indeed access to an AIK which in indeed related to the EK. When an agent starts up, it will contact a registrar and provi...

aik-sh.de Cross Site Scripting vulnerability OBB-3513228

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

aik-dresden.de Cross Site Scripting vulnerability OBB-2687988

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

aik-sh.de Cross Site Scripting vulnerability OBB-1311284

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

aik-sh.de XSS vulnerability

Open Bug Bounty ID: OBB-702862 Description| Value ---|--- Affected Website:| aik-sh.de Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidden until...