27 matches found
CVE-2026-28201
Improper input validation, together with an overly permissive default CORS configuration, in Open Notebook v1.8.1 allows a remote attacker to trick a legitimate user into altering or deleting arbitrary database entries via a specially crafted malicious URL. Depending on the deployment, data exfiltration i...
CloudCharge access control error vulnerability
CloudCharge is a website for electric vehicle charging management developed by the Swedish company CloudCharge. CloudCharge has a security vulnerability related to access control. This vulnerability stems from the lack of proper authentication mechanisms at WebSocket endpoints, which could allow...
Malicious code in nuilva-bavaim-madibavvo (npm)
Source: amazon-inspector f1261228b816615747e12bab219c850d7d1ab67e000901306d866c6c75b2d788 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in abiua-moban-atayauma (npm)
Source: amazon-inspector 72ce084649116cb4f81bafe9061cb76330bf5ad5f945607abcd6081d8a692605 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-159439 Malicious code in manadsi-sfda-marafi (npm)
Source: amazon-inspector 1f23fe09500fb6f42458629f5b5ec32aa3ac6ea1700199303422f0e6135fb2f0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-141532 Malicious code in deneb-astro-xenon-hugo (npm)
Source: amazon-inspector c30df2abcf22f557c7023e22a337b453c8f6233b50a59cb850d624a11cabd466 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in mysql-jabbah-standard-chromedriver (npm)
Source: amazon-inspector 1c3ebe5fb767500474057044d4da7b671ac47cc4a6fe13f95c5d1107327dbdfe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-113929 Malicious code in fauzi-klentik12-miaww (npm)
Source: amazon-inspector 80db6267da2e195df724056dc1f2233b2b9e8ac59c00b9ca3f7f6a5cfc569fb3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-96242 Malicious code in regional_tiglon_z3n (npm)
Source: amazon-inspector 4eb2f556ed8d151d0308da63f3e9fa72a1c250c786c3fae4afac37458345d668 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-88251 Malicious code in maman-mendoan22-miaww (npm)
Source: amazon-inspector 51de05ec66ff5f79b98500bcf8cfb718b356fdede5bea3602eafa57cf649557d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-64422 Malicious code in nadia-rawon73-sluey (npm)
Source: amazon-inspector ecc9840b9853bae6ca2097e0480ff39c040f12baa4f208d96496decc4d5d65ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in tiara-miemee99-sukiwir (npm)
Source: amazon-inspector 37002bc3d9b417de9102e657e18767c1a66286588e129bc5609c25d689f932f1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-52007 Malicious code in hadi-klipo90-sukiwir (npm)
Source: amazon-inspector a19e02a854e3a1417c1dae1a6368e16050829f40c7161b0f84f6c2cf9124eb20 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2021-8043
Malicious code in bioql PyPI...
PT-2025-36731
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Affected versions not specified. Description: An open database issue exists due to an overly permissive Redis instance. This could result in an attacker on the intranet accessing sensitive data and...
Cisco DNA Center security vulnerability
Cisco DNA Center is a network management and command center service from Cisco. A security vulnerability exists in Cisco DNA Center that stems from a flaw in the web-based management interface that could allow an authenticated, remote attacker to alter specific data within the interface on an...
CVE-2024-28039
An improper restriction of XML external entity references vulnerability exists in all releases of FitNesse, which allows a remote unauthenticated attacker to obtain sensitive information, alter data, or cause a denial-of-service (DoS) condition...
CVE-2023-29245
A SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, may allow an unauthenticated attacker to execute arbitrary SQL statements on the DBMS used by the web application by sendi...
Fortinet FortiOS security vulnerability
Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform from the American company Fortinet. The system provides users with a variety of security features such as firewall, antivirus, IPSec/SSL VPN, web content filtering and anti-spam. A security vulnerabili...