Lucene search
K

22 matches found

OSV
OSV
added 2 days ago3 views

MAL-2026-10390 Malicious code in timmytuffknuckles9 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 342d7a44db99769023685647376a6042d5a9b345c281826484c9d88561f245ca Package is not a Node library — package.json declares main: sw.js, a browser Service Worker whose first line calls importScripts'./8cfc2/hgshm.js'...

6.2AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:30 p.m.9 views

Malicious code in ratelimitsucks (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44ed99ce54c3f8b6fa4f1bfa207a593bbf0d441c9eeee7d29dbc991098f8e12f Package is not a library. main points at sw.js, a browser Service Worker that uses importScripts, self.addEventListener'fetch'|'install'|'activate',...

6.1AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:29 p.m.9 views

Malicious code in abuden22 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c6b2d1b9158b6a3652850cdee84fd448567fc6d8187e685ee0b85eb8d594f57 The tarball contains a static-site bundle index.html, obfuscated asset chunks, service worker sw.js, and the MercuryWorkshop/Scramjet web-proxy bundl...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/18 4:29 p.m.9 views

Malicious code in abuden221 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fbd19b84f2238fb96214c792d294b1ac0e114103c238ddf040a7960377d78f90 The tarball is a static-site / web-proxy build index.html, /assets/.js bundles with obfuscated names, a.well-known/discord verification file, brandin...

6.2AI score
Exploits0References4
OSV
OSV
added 2026/06/16 7:27 p.m.8 views

MAL-2026-5918 Malicious code in nottuff7 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 15a5e98054661d6eea29d8120457ffc7e00d7b516223a5fa6ec91355e9434652 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 7:27 p.m.10 views

Malicious code in nottuff23 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41d429b099904a530f5dc4dfdd4724b7b6160c1de1330e0b103e8b8e3c737dfd The package is one of approximately 100 identically-named-pattern publishes from an automated bulk-publish operation. The tarball ships...

6.2AI score
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-19547

Malware in sbrugna...

4.4CVSS5AI score0.00175EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/08/08 12:0 a.m.10 views

The vulnerability in the WasmToJSException script of the Safari browser on operating systems macOS, iOS, iPadOS, tvOS, visionOS, and watchOS allows attackers to execute arbitrary code and trigger a service failure.

The vulnerability of the WasmToJSException script in Safari browsers on macOS, iOS, iPadOS, tvOS, visionOS, and watchOS is related to type mixing errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause service failures within the browser context...

10CVSS8.1AI score0.00961EPSS
Exploits0References8Affected Software6
Vulnerability Lab
Vulnerability Lab
added 2014/12/12 12:0 a.m.94 views

Jease CMS v2.11 - Persistent UI Web Vulnerability

Document Title: =============== Jease CMS v2.11 - Persistent UI Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1373 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8780 CVE-ID: ======= CVE-2014-8780 Release Date: =============...

3.5CVSS5.9AI score0.00682EPSS
Exploits3
OpenVAS
OpenVAS
added 2013/02/28 12:0 a.m.9 views

Nmap NSE 6.01: ms-sql-info

Attempts to determine configuration and version information for Microsoft SQL Server instances. SQL Server credentials required: No will not benefit from 'mssql.username' & 'mssql.password'. Run criteria: Host script: Will always run. Port script: N/A NOTE: Unlike previous versions, this script...

7.5AI score
Exploits0
Nmap
Nmap
added 2012/07/10 9:50 a.m.212 views

ms-sql-dac NSE Script

Queries the Microsoft SQL Browser service for the DAC Dedicated Admin Connection port of a given or all SQL Server instance. The DAC port is used to connect to the database instance when normal connection attempts fail, for example, when server is hanging, out of memory or in other bad states. In...

10CVSS0.1AI score0.99448EPSS
Exploits33
OpenVAS
OpenVAS
added 2011/06/01 12:0 a.m.10 views

Nmap NSE net: citrix-enum-apps

Extracts a list of published applications from the ICA Browser service. OpenVAS Vulnerability Test $Id: gbnmapcitrixenumappsnet.nasl 5505 2017-03-07 10:00:18Z teissa $ Autogenerated NSE wrapper Authors: NSE-Script: Patrik Karlsson NASL-Wrapper: autogenerated Copyright: NSE-Script: The Nmap Securi...

0.1AI score
Exploits0
OpenVAS
OpenVAS
added 2011/06/01 12:0 a.m.17 views

Nmap NSE net: citrix-enum-servers

Extracts a list of Citrix servers from the ICA Browser service. OpenVAS Vulnerability Test $Id: gbnmapcitrixenumserversnet.nasl 5505 2017-03-07 10:00:18Z teissa $ Autogenerated NSE wrapper Authors: NSE-Script: Patrik Karlsson NASL-Wrapper: autogenerated Copyright: NSE-Script: The Nmap Security...

0.1AI score
Exploits0
Cvelist
Cvelist
added 2011/02/16 12:0 a.m.37 views

CVE-2011-0654

Integer underflow in the BowserWriteErrorLogEntry function in the Common Internet File System CIFS browser service in Mrxsmb.sys or bowser.sys in Active Directory in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1...

7.7AI score0.68084EPSS
Exploits3References14
CERT
CERT
added 2011/02/16 12:0 a.m.44 views

Microsoft Windows browser election message kernel pool overflow

Overview A vulnerability exists in the way the Microsoft Windows browser service handles Browser Election messages. Description From Description of the Microsoft Computer Browser Service:"The browser service maintains a list of the domain name or workgroup name the computer is in, and the protoco...

7.8AI score
Exploits0References4
CVE
CVE
added 2011/02/16 12:0 a.m.84 views

CVE-2011-0654

CVE-2011-0654 describes an integer underflow in BowserWriteErrorLogEntry within the CIFS browser service (Mrxsmb.sys/bowser.sys) used by Active Directory; a malformed BROWSER ELECTION message can trigger a heap-based buffer overflow. Affected products include Windows XP SP2/SP3, Windows Server 20...

10CVSS7.8AI score0.68084EPSS
Exploits3References14Affected Software2
OpenVAS
OpenVAS
added 2011/01/21 12:0 a.m.15 views

Nmap NSE: Citrix Enum Apps

This script attempts to extract a list of published applications from the ICA Browser service. This is a wrapper on the Nmap Security Scanner's http://nmap.org citrix-enum-apps.nse. OpenVAS Vulnerability Test $Id: gbnmapcitrixenumapps.nasl 7006 2017-08-25 11:51:20Z teissa $ Wrapper for Nmap Citri...

7.2AI score
Exploits0
Nmap
Nmap
added 2009/12/14 7:30 a.m.202 views

citrix-enum-apps NSE Script

Extracts a list of published applications from the ICA Browser service. Example Usage sudo ./nmap -sU --script=citrix-enum-apps -p 1604 Script Output PORT STATE SERVICE 1604/udp open unknown 1604/udp open unknown | citrix-enum-apps: | Notepad | iexplorer | registry editor Requires nmap shortport...

10CVSS9.3AI score0.99448EPSS
Exploits33
securityvulns
securityvulns
added 2008/11/04 12:0 a.m.136 views

Microsoft Windows code execution

It's possible toexecute code without authentication with RPC request UUID 4b324fc8-1670-01d3-1278-5a47bf6ee188 to browser service via SERVER LanmanServer service, TCP/139, TCP/445. Reccomendation is to disable browser service...

10CVSS3.9AI score0.98751EPSS
Exploits12References3
CVE
CVE
added 2000/07/12 4:0 a.m.54 views

CVE-2000-0404

The CVE-2000-0404 issue affects the CIFS Computer Browser service and allows remote denial of service by sending a ResetBrowser frame to the Master Browser ("ResetBrowser Frame" vulnerability). Connected sources confirm the vulnerability impact is a network-denial of service and describe two rela...

5CVSS6.7AI score0.19621EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder