3745 matches found
PT-2023-10310 · Gnu +1 · Glibc +1
Name of the Vulnerable Software and Affected Versions: glibc versions prior to 2.22 Description: The issue in the GNU C Library glibc might allow context-dependent attackers to cause a denial of service, resulting in an application crash. This can be demonstrated by using the fnmatch library...
Malicious Package
Overview useravatarcircleicon is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...
Malicious Package
Overview techghoshal123 is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package wa...
Malicious Package
Overview bc-baseline is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...
Malicious Package
Overview libponenunber-js is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package...
Malicious Package
Overview bootstrap-sass-official is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...
Malicious Package
Overview react-influxdb is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package wa...
Malicious Package
Overview oci-console-regions is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this packa...
Malicious Package
Overview eg-shared is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...
Malicious Package
Overview @capdesk/camo is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...
Malicious Package
Overview citi-gcg-173875 is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package w...
Malicious Package
Overview pitito is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...
Malicious Package
Overview superagtn is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...
PT-2023-21861 · Unknown · Simple Design Daily Journal +1
Name of the Vulnerable Software and Affected Versions: Simple Design Daily Journal version 1.012.GP.B Description: A vulnerability has been found in the SQLite Database component, leading to cleartext storage in a file or on disk. The manipulation can be launched on the local host. The exploit ha...
PT-2023-24191 · Unknown +1 · Flask-Caching +1
Name of the Vulnerable Software and Affected Versions: ToUI versions 2.0.1 through 2.4.0 Description: The issue affects websites that use the Website.user vars property. ToUI utilizes Flask-Caching SimpleCache to store user variables, which are stored on the server side. Recommendations: For...
PT-2023-17043 · Unknown · Mobilmen Terminal
Name of the Vulnerable Software and Affected Versions: Mobilmen Terminal Software versions prior to 3 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
Malicious Package
Overview grouped-content is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package w...
Malicious Package
Overview lexicaltext is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...
PT-2023-3380 · Sourcecodester · Sourcecodester Lost/Found Information System
Name of the Vulnerable Software and Affected Versions: SourceCodester Lost and Found Information System version 1.0 Description: A critical issue has been found in the component "admin/?page=items/view item" of the SourceCodester Lost and Found Information System, related to the lack of protectio...
PT-2023-22999 · Mutagen +1 · Mutagen +1
Name of the Vulnerable Software and Affected Versions: Mutagen versions prior to 0.16.6 Mutagen versions prior to 0.17.1 mutagen-compose versions prior to 0.17.1 Description: The issue affects Mutagen's list and monitor commands, making them susceptible to control characters provided by remote...