MAL-2026-4488 Malicious code in auth-basic-vault (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f3227380d9ef91ce63237acc9656b88a50b29aeeb05c594b700c5936a7527543 On require'auth-basic-vault', lib/writer.js attempts to require'authcascade' at module top level and, on failure, shells out via execSync to npm...

Fedora 44 : pie (2026-3d8d946f69)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3d8d946f69 advisory. Version 1.4.4 Dependencies - Update Composer to 2.9.8 ---- Version 1.4.3 - add output check for dnf permission denied thanks to @asgrim and @hackel - don't...

Malicious code in cami-design (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57ccc787b2437085a18ed05c52fc473d8c28162cbe3cbbaa04adaefa73389da1 On install, scripts/install.js invokes autoUpdate.install, which writes a launchd agent to...

MAL-2026-4429 Malicious code in @rui.branco/sentry-mcp (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8504c65903895f53054fc6df861469ddbac73c130793bd784d47eca8ef2cd65b On every load of index.js the package's main and bin entry, the package queries GitHub for the latest commit SHA on HEAD of rui-branco/sentry-mcp and...

Veeam Agent for Microsoft Windows 13.0.1.120 to 13.0.1.1009 Upgrade Notes

Article Applicability This article documents notable deviations from the standard Veeam Agent for Microsoft Windows upgrade procedure that occur only when upgrading from Veeam Backup & Replication VBR 13.0.1 build 13.0.1.180 to 13.0.1 Patch 1 build 13.0.1.1071. This patch to VBR includes a new...

CVE-2025-34193

Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 25.1.102 and Application versions prior to 25.1.1413 include Windows client components PrinterInstallerClientInterface.exe, PrinterInstallerClient.exe, PrinterInstallerClientLauncher.exe that lack modern compile-time and...

Temcrypt - Evolutionary Encryption Framework Based On Scalable Complexity Over Time

The Next-gen Encryption Try temcrypt on the Web → temcrypt SDK Focused on protecting highly sensitive data, temcrypt is an advanced multi-layer data evolutionary encryption mechanism that offers scalable complexity over time, and is resistant to common brute force attacks. You can create your own...

PyStat - Advanced Netstat Using Python For Windows

PyStat is an Advanced Netstat Using Python For Windows. Features Know remote address of process Know remote ports of process Know which user using process along with title & PID Changelogs: Auto Install python modules support added in install.py Installation Guide: Download the .zip file Extract...

The Word exposed 0day vulnerabilities: no need to enable the macros, open the document it automatically install a malicious program-vulnerability warning-the black bar safety net

! In fact, the use of Word macros as the distribution of malicious programs is the way today's conventional via, so many people choose to disable macros, but if you say disable the macros are useless, such a malicious Word document danger is quite different. Recently, McAfee and FireEye security...

FAQMasterFlex 1.2 - SQL Injection Vulnerability

No description provided by source. Hi guys, I just found a sqli bug on FAQMasterFlex. Since the software used as one of Fantastico auto-install software package in F.A.Q software section. Author: cyb3r.anbu Software Link: http://www.lethalpenguin.net/design/faqmasterflex.php Version: 1.2 Tested o...

Installer: Generated auto-install xml is world readable

The GUI installer in JBoss Enterprise Application Platform EAP and Enterprise Web Platform EWP 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file...

CVE-2013-0218

The GUI installer in JBoss Enterprise Application Platform EAP and Enterprise Web Platform EWP 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file...

CVE-2013-0218

The GUI installer in JBoss Enterprise Application Platform EAP and Enterprise Web Platform EWP 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file...

CVE-2013-0218

The GUI installer in JBoss Enterprise Application Platform EAP and Enterprise Web Platform EWP 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file...

Installer: Generated auto-install xml is world readable

The GUI installer in JBoss Enterprise Application Platform EAP and Enterprise Web Platform EWP 5.2.0 and possibly 5.1.2 uses world-readable permissions for the auto-install XML file, which allows local users to obtain the administrator password and the sucker password by reading this file...

FAQMasterFlex 1.2 - SQL Injection

Hi guys, I just found a sqli bug on FAQMasterFlex. Since the software used as one of Fantastico auto-install software package in F.A.Q software section. Author: cyb3r.anbu Software Link: http://www.lethalpenguin.net/design/faqmasterflex.php Version: 1.2 Tested on: Ubuntu...