Lab-Reflected-XSS-into-attribute-with-angle-brackets-HTML-encoded

Reflected XSS - Attribute Injection A simple demonstration of...

Malicious Package

Overview @santandergroup-uk/edgehome-components is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization...

Malicious Package

Overview @riag-libs/pattern-library-react-hooks is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization...

Fake Microsoft Teams Billing Phishing Alerts Reach 6,135 Users via 12,866 Emails

Scammers are abusing Microsoft Teams invitations to send fake billing notices, with 12,866 emails reaching around 6,135 users in a phone-based phishing campaign...

SUSE: Security Advisory (SUSE-SU-2026:0265-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-HQF9-8XV5-X8XW

creationtimestamp| type| source ---|---|--- 2026-01-24 21:31:08+00:00| seen| https://gist.github.com/alon710/97491250cd95bc835ebfe51fcfbf1308 2026-01-24 21:31:09+00:00| seen| https://gist.github.com/alon710/6ece0e6f8b35b33d759e8493148369c9 2026-01-24 22:43:01+00:00| seen|...

GHSA-G5GC-H5HP-555F

creationtimestamp| type| source ---|---|--- 2026-01-24 21:25:13+00:00| seen| https://gist.github.com/alon710/36dfb2017bc84d12c53f0d34b22f1f3f...

CVE-2026-22808

creationtimestamp| type| source ---|---|--- 2026-01-24 21:23:38+00:00| seen| https://gist.github.com/alon710/6cb56ce49fdd250735cd1e3f48481606 2026-01-24 22:26:33+00:00| seen| https://gist.github.com/alon710/f30dfca4833be946bfbfe3ad5d0ceea4 2026-01-24 22:26:36+00:00| seen|...

CVE-2026-0895

creationtimestamp| type| source ---|---|--- 2026-01-24 21:23:18+00:00| seen| https://gist.github.com/alon710/24f3c400b3623201c1df9a8ca513e039 2026-01-24 22:21:51+00:00| seen| https://gist.github.com/alon710/5ac50e78c989009cbc7a48f536fe1f0f 2026-01-24 22:21:54+00:00| seen|...

CVE-2026-0792

ALGO 8180 IP Audio Alerter SIP INVITE Alert-Info Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this...

MAL-2026-495 Malicious code in h-jsencrypt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb69a1fb2f3c3ef16b7e30994095eb335b41563a498523667d83d60ed0c56c60 The package h-jsencrypt was found to contain malicious code. Source: ghsa-malware a2cacebaa99bf1715c395ba91c26e95c4ce77af5a16cbbcc4e5041c2a47b4143 An...

CVE-1999-0113

creationtimestamp| type| source ---|---|--- 2026-01-23 05:17:32+00:00| seen| https://bsky.app/profile/fets.bsky.social/post/3md2x4q763k27 2026-01-26 16:47:00+00:00| seen| https://vulnerability.circl.lu/bundle/1e1a5c92-386f-4bce-a79d-a0850f3526dd...

CVE-2026-0795

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...

CVE-2026-0794

ALGO 8180 IP Audio Alerter SIP Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability. The specific flaw...

CVE-2026-0792

ALGO 8180 IP Audio Alerter SIP INVITE Alert-Info Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this...

CVE-2026-0792

ALGO 8180 IP Audio Alerter SIP INVITE Alert-Info Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this...

CVE-2025-11083

creationtimestamp| type| source ---|---|--- 2026-01-23 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1732 2026-05-06 07:57:44+00:00| seen| https://www.acn.gov.it/portale/w/risolte-vulnerabilita-in-prodotti-juniper-secure-analytics 2026-05-06 14:30:29+00:00| seen|...

CVE-2026-0792 ALGO 8180 IP Audio Alerter SIP INVITE Alert-Info Stack-based Buffer Overflow Remote Code Execution Vulnerability

ALGO 8180 IP Audio Alerter SIP INVITE Alert-Info Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this...

CVE-2026-0792

ALGO 8180 IP Audio Alerter SIP INVITE Alert-Info Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this...

CVE-2026-0792

CVE-2026-0792 concerns the ALGO 8180 IP Audio Alerter. The flaw is a stack-based buffer overflow in the handling of the SIP SIP INVITE Alert-Info header, caused by insufficient validation of the length of user-supplied data before copying it into a fixed-length buffer. This can allow remote code ...