Malicious code in @posthog/ingestion-alert-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c8eecfada0b8b32fc4e69b17399fba304ef75a1cf7ad1e2fabbf1eabdd10a5c The package @posthog/ingestion-alert-plugin was found to contain malicious code. Source: google-open-source-security...

MAL-2025-190916 Malicious code in @tezign/html-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 437929a07e5bc4e0e6dfe545fa858db027aa2ba4e6fa87701a09d5b07277b543 The package @tezign/html-webpack-plugin was found to contain malicious code...

EUVD-2025-198867

Malicious code in @ensdomains/renewal npm...

EUVD-2025-198839

Malicious code in cpu-instructions npm...

EUVD-2025-198759

Malicious code in zuper-cli npm...

EUVD-2025-198668

Malicious code in @trigo/trigo-hapijs npm...

EUVD-2025-198680

Malicious code in atrix-mongoose npm...

EUVD-2025-198705

Malicious code in @asyncapi/converter npm...

EUVD-2025-198623

Malicious code in @validate-pubkey/hex npm...

EUVD-2025-198614

Malicious code in tailwind-pulse npm...

Malicious code in @quick-start-soft/quick-markdown-image (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ebaec604b88bfa99689645f0ecb3061111aa393606337785c71c2755493864f1 The package @quick-start-soft/quick-markdown-image was found to contain malicious code. Source: ghsa-malware...

CVE-2025-54563

CVE-2025-54563 affects Desktop Alert PingAlert, with the Application Server vulnerable to an Incorrect Access Control flaw in versions 6.1.0.11–6.1.1.2, leading to remote information disclosure. The NVD/CERT-style metrics show CVSS v3.1 base score 7.5 (HIGH), attack vector NETWORK, attack complex...

CVE-2025-54347

CVE-2025-54347 affects Desktop Alert PingAlert application server versions 6.1.0.11–6.1.1.2, with a Directory Traversal vulnerability that allows writing arbitrary files under certain conditions. The CVSS3.1 base score is 9.9 (Network, Privileges Low, User Interaction None, Scope Changed; Impact:...

CVE-2025-54338

CVE-2025-54338 affects Desktop Alert PingAlert (Application Server) with an Incorrect Access Control flaw in versions 6.1.0.11–6.1.1.2, allowing disclosure of user hashes. Root cause: improper access control in the Application Server. Impact: potential exposure of user credential material. CVSSv3...

Desktop Alert PingAlert 安全漏洞

Desktop Alert PingAlert is a network status monitoring tool from US-based Desktop Alert. A security vulnerability exists in Desktop Alert PingAlert versions 6.1.0.11 through 6.1.1.2, which stems from improper access control and could lead to disclosure of user hashes...

Desktop Alert PingAlert 安全漏洞

Desktop Alert PingAlert is a network status monitoring tool from Desktop Alert USA. A security vulnerability exists in Desktop Alert PingAlert versions 6.1.0.11 through 6.1.1.2, which originates from a directory traversal and could result in writing to arbitrary files...

Desktop Alert PingAlert 安全漏洞

Desktop Alert PingAlert is a network status monitoring tool from Desktop Alert USA. A security vulnerability exists in Desktop Alert PingAlert versions 6.1.0.11 through 6.1.1.2, which stems from the presence of hard-coded configuration values...

CVE-2025-54347

A Directory Traversal vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to write arbitrary files under certain conditions...

CVE-2025-54563

An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows Incorrect Access Control, leading to Remote Information Disclosure...

CVE-2025-54341

A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2. There are Hard-coded configuration values...