
24 matches found

EUVD · added 2025/11/12 4:29 a.m. · 1 view

EUVD-2025-120288

Malicious code in xenon-build-server-forever npm...

AI score 6.6 · Exploits 0
OSV · added 2025/11/12 4:29 a.m. · 1 view

MAL-2025-149643 Malicious code in xenon-build-server-forever (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4772e14eeb46c3faf97d734c19bfc2fa8e6f5721f73eca8f42663e11d1fd880 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

AI score 6.8 · Exploits 0
EUVD · added 2025/10/03 8:07 p.m. · 1 view

EUVD-2024-0284

Malicious code in bioql PyPI...

CVSS 9.8 · AI score 7.8 · EPSS 0.0067 · Exploits 1 · References 12
EUVD · added 2025/10/03 8:07 p.m. · 2 views

EUVD-2025-5907

Malicious code in bioql PyPI...

CVSS 9.9 · AI score 6.6 · EPSS 0.00579 · Exploits 0 · References 4
Tenable Nessus · added 2025/09/03 12:00 a.m. · 1 view

Linux Distros Unpatched Vulnerability : CVE-2023-6395

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with roo...

CVSS 9.8 · AI score 8 · EPSS 0.0067 · Exploits 1 · References 2
CNNVD · added 2025/03/01 12:00 a.m. · 1 view

ToDesktop code injection vulnerability

ToDesktop is an application from ToDesktop, Inc. that converts a Web application code base into a cross-platform desktop application with native functionality. A security vulnerability exists in versions of ToDesktop prior to 2024-10-03, which stems from a postinstall script that allows a remote...

CVSS 9.9 · AI score 7.6 · EPSS 0.00579 · Exploits 0 · References 5
Vulnrichment · added 2025/03/01 12:00 a.m. · 3 views

CVE-2025-27554

ToDesktop before 2024-10-03, as used by Cursor before 2024-10-03 and other applications, allows remote attackers to execute arbitrary commands on the build server e.g., read secrets from the desktopify config.prod.json file, and consequently deploy updates to any app, via a postinstall script in...

CVSS 9.9 · AI score 9.7 · EPSS 0.00579 · Exploits 0 · References 3
CVE · added 2025/03/01 12:00 a.m. · 70 views

CVE-2025-27554

CVE-2025-27554 affects ToDesktop builds prior to 2024-10-03 where a postinstall script in package.json can be abused to execute arbitrary commands on the build server (e.g., reading secrets from the desktopify config.prod.json) and deploy updates to any app. Multiple sources note no exploitation ...

CVSS 9.9 · AI score 7.8 · EPSS 0.00579 · Exploits 0 · References 3
Cvelist · added 2025/03/01 12:00 a.m. · 7 views

CVE-2025-27554

ToDesktop before 2024-10-03, as used by Cursor before 2024-10-03 and other applications, allows remote attackers to execute arbitrary commands on the build server e.g., read secrets from the desktopify config.prod.json file, and consequently deploy updates to any app, via a postinstall script in...

CVSS 9.9 · EPSS 0.00579 · Exploits 0 · References 3
Tenable Nessus · added 2024/01/30 12:00 a.m. · 19 views

Fedora 39 : python-templated-dictionary (2024-f69989e7dd)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-f69989e7dd advisory. Fixing CVE-2023-6395 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for th...

CVSS 9.8 · AI score 7.6 · EPSS 0.0067 · Exploits 1 · References 2
NVD · added 2024/01/16 3:15 p.m. · 14 views

CVE-2023-6395

The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2 templates, whic...

CVSS 9.8 · AI score 8.4 · EPSS 0.0067 · Exploits 1 · References 8
OSV · added 2024/01/16 3:15 p.m. · 22 views

CVE-2023-6395

The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2 templates, whic...

CVSS 9.8 · AI score 7.7 · EPSS 0.0067 · Exploits 1 · References 8
OSV · added 2024/01/16 3:15 p.m. · 0 views

UBUNTU-CVE-2023-6395

The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2 templates, whic...

CVSS 9.8 · AI score 6.2 · EPSS 0.0067 · Exploits 1 · References 9
CVE · added 2024/01/16 2:33 p.m. · 80 views

CVE-2023-6395

CVE-2023-6395 describes a privilege-escalation vulnerability in Mock related to unsandboxed Jinja2 template expansion/execution within certain configuration parameters. The issue can allow an attacker to execute arbitrary code with root privileges on the build server when less-privileged users in...

CVSS 9.8 · AI score 9.4 · EPSS 0.0067 · Exploits 1 · References 8 · Affected Software 1
Vulnrichment · added 2024/01/16 2:33 p.m. · 13 views

CVE-2023-6395 Mock: privilege escalation for users that can access mock configuration

The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2 templates, whic...

CVSS 6.7 · AI score 8 · EPSS 0.0067 · Exploits 1 · References 8
Positive Technologies · added 2024/01/16 12:00 a.m. · 1 view

PT-2024-1297 · Mock +1

Name of the Vulnerable Software and Affected Versions: Mock, affected versions not specified. Description: The Mock software contains a vulnerability that could potentially be exploited for privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems...

CVSS 9.8 · AI score 7.8 · EPSS 0.0067 · Exploits 1 · References 26
Metasploit · added 2020/01/14 6:50 a.m. · 548 views

Webmin password_change.cgi Backdoor

This module exploits a backdoor in Webmin versions 1.890 through 1.920. Only the SourceForge downloads were backdoored, but they are listed as official downloads on the project's site. Unknown attackers inserted Perl qx statements into the build server's source code on two separate occasions: onc...

CVSS 9.8 · EPSS 0.94459 · Exploits 36
pentestit · added 2019/10/23 8:58 p.m. · 51 views

UPDATE: FactionC2 2019-10-20

PenTestIT RSS Feed FactionC2 2019-10-20 was released a couple of days ago by the author. This C2 framework was briefly mentioned in my previous post titled List of Open Source C2 Post-Exploitation Frameworks. This release most importantly contains upgrades to .Net Core 3 version among additional...

AI score 7.3 · Exploits 0
0day.today · added 2019/08/23 12:00 a.m. · 323 views

Webmin 1.920 password_change.cgi Backdoor Exploit

This Metasploit module exploits a backdoor in Webmin versions 1.890 through 1.920. Only the SourceForge downloads were backdoored, but they are listed as official downloads on the project's site. Unknown attackers inserted Perl qx statements into the build server's source code on two separate...

CVSS 10 · AI score 9.7 · EPSS 0.94459 · Exploits 36
ThreatPost · added 2019/08/21 2:55 p.m. · 121 views

Backdoor Found in Utility for Linux, Unix Servers

In an unnerving twist, when a critical zero-day vulnerability was reported in a Unix administration tool, called Webmin, it was revealed the flaw was no accident. According to researchers, the vulnerability was a secret backdoor planted in the popular utility nearly a year before its discovery. T...

CVSS 10 · AI score 9.8 · EPSS 0.94459 · Exploits 36 · References 9