Lucene search
+L

31 matches found

ossf
ossf
added 2026/06/29 4:48 p.m.10 views

Malicious code in @anna-money/anna-web-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 51ad1206f707247b245f3a828c780fbe27239f1fa15c8a90782617144669af5f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
osv
osv
added 2026/06/29 4:48 p.m.6 views

MAL-2026-6600 Malicious code in @anna-money/anna-web-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 51ad1206f707247b245f3a828c780fbe27239f1fa15c8a90782617144669af5f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
nvd
nvd
added 2026/06/15 8:16 p.m.12 views

CVE-2026-50882

An issue in the /api/v0/pastes endpoint of anna-is-cute paste v0.1.1 allows attackers to cause a Denial of Service DoS via a crafted POST request...

7.5CVSS0.00324EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/15 12:0 a.m.31 views

CVE-2026-50882

An issue in the /api/v0/pastes endpoint of anna-is-cute paste v0.1.1 allows attackers to cause a Denial of Service DoS via a crafted POST request...

0.00324EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/06/15 12:0 a.m.15 views

PT-2026-49323

Name of the Vulnerable Software and Affected Versions anna-is-cute paste version 0.1.1 Description A flaw in the '/api/v0/pastes' endpoint allows attackers to cause a Denial of Service DoS, which is a condition where a service becomes unavailable to its intended users, by sending a specially...

7.5CVSS5.9AI score0.00324EPSS
Exploits0References3
cve
cve
added 2026/06/15 12:0 a.m.23 views

CVE-2026-50882

CVE-2026-50882 affects anna-is-cute paste v0.1.1, exposed via the /api/v0/pastes endpoint. A crafted POST request can trigger a Denial of Service. The available documents confirm the endpoint and vulnerability class but do not specify affected versions beyond v0.1.1, nor provide concrete exploit ...

7.5CVSS5.4AI score0.00324EPSS
Exploits0References1
ossf
ossf
added 2025/11/12 7:18 p.m.4 views

Malicious code in anna-salwa-tea (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a99818fee7cd0f2f61496468aa6b190495c8fa49efa03cf5c001016686997ef This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
euvd
euvd
added 2025/11/12 7:18 p.m.3 views

EUVD-2025-143249

Malicious code in anna-salwa-tea npm...

6.6AI score
Exploits0
euvd
euvd
added 2025/10/07 12:30 a.m.3 views

EUVD-2006-6173

Malware in sbrugna...

7.5CVSS6.4AI score0.01152EPSS
Exploits0References6
openbugbounty
openbugbounty
added 2024/02/11 11:38 a.m.7 views

anna-minasyan.com Cross Site Scripting vulnerability OBB-3851428

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
openbugbounty
openbugbounty
added 2023/06/20 11:57 p.m.15 views

anna-jagmann.de Cross Site Scripting vulnerability OBB-3451128

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

10AI score
Exploits0
malwarebytes
malwarebytes
added 2023/03/27 9:0 a.m.15 views

Solving the password’s hardest problem with passkeys, featuring Anna Pobletts

How many passwords do you have? If you're at all like our Lock and Code host David Ruiz, that number hovers around 200. But the important follow up question is: How many of those passwords can you actually remember on your own? Prior studies suggest a number that sounds nearly...

6.8AI score
Exploits0
openbugbounty
openbugbounty
added 2022/09/11 9:15 p.m.13 views

library.annauniv.edu Cross Site Scripting vulnerability OBB-2914398

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
osv
osv
added 2022/06/25 12:0 a.m.43 views

GHSA-6XC4-7FMM-65Q2 Code injection in concrete CMS

Concrete CMS Versions 9.0.0 through 9.0.2 and 8.5.7 and below can download zip files over HTTP and execute code from those zip files which could lead to an RCE. Fixed by enforcing ‘concretesecure’ instead of ‘concrete’. Concrete now only makes requests over https even a request comes in via http...

8CVSS9.6AI score0.01681EPSS
Exploits0References7
github
github
added 2022/06/25 12:0 a.m.24 views

Code injection in concrete CMS

Concrete CMS Versions 9.0.0 through 9.0.2 and 8.5.7 and below can download zip files over HTTP and execute code from those zip files which could lead to an RCE. Fixed by enforcing ‘concretesecure’ instead of ‘concrete’. Concrete now only makes requests over https even a request comes in via http...

9.8CVSS0.9AI score0.01681EPSS
Exploits0References7Affected Software1
nvd
nvd
added 2022/06/24 3:15 p.m.26 views

CVE-2022-21829

Concrete CMS Versions 9.0.0 through 9.0.2 and 8.5.7 and below can download zip files over HTTP and execute code from those zip files which could lead to an RCE. Fixed by enforcing ‘concretesecure’ instead of ‘concrete’. Concrete now only makes requests over https even a request comes in via http...

9.8CVSS0.01681EPSS
Exploits0References3
prion
prion
added 2022/06/24 3:15 p.m.13 views

Cross site request forgery (csrf)

Concrete CMS Versions 9.0.0 through 9.0.2 and 8.5.7 and below can download zip files over HTTP and execute code from those zip files which could lead to an RCE. Fixed by enforcing ‘concretesecure’ instead of ‘concrete’. Concrete now only makes requests over https even a request comes in via http...

7.5CVSS9.5AI score0.01681EPSS
Exploits0References3Affected Software1
osv
osv
added 2022/06/24 3:0 p.m.5 views

CVE-2022-21829

Concrete CMS Versions 9.0.0 through 9.0.2 and 8.5.7 and below can download zip files over HTTP and execute code from those zip files which could lead to an RCE. Fixed by enforcing ‘concretesecure’ instead of ‘concrete’. Concrete now only makes requests over https even a request comes in via http...

9.8CVSS7.1AI score0.01681EPSS
Exploits0References5
openbugbounty
openbugbounty
added 2022/03/31 11:0 p.m.15 views

anna-live.com Cross Site Scripting vulnerability OBB-2457889

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
openbugbounty
openbugbounty
added 2021/11/08 4:46 p.m.9 views

anna-bella.org Improper Access Control vulnerability OBB-2249776

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.6AI score
Exploits0
Rows per page
Query Builder