EUVD-2023-1221

Malicious code in bioql PyPI...

CVE-2024-36066

The CMP CLI client in KeyFactor EJBCA before 8.3.1 has only 6 octets of salt, and is thus not compliant with the security requirements of RFC 4211, and might make man-in-the-middle attacks easier. CMP includes password-based MAC as one of the options for message integrity and authentication the...

io.hawt:hawtio-wildfly (=2.17.7), io.kokuwa.keycloak:keycloak-event-metrics (>=0.1.0 <=1.0.0) +133 more potentially affected by CVE-2023-6236 via org.wildfly.security:wildfly-elytron-http-oidc (>=1.15.7.Final <=2.2.4.Final)

org.wildfly.security:wildfly-elytron-http-oidc MAVEN version =1.15.7.Final, =0.1.0, =9.4.45.v20220203, =9.4.45.v20220203, =9.4.45.v20220203, =10.0.8, =12.0.1, =12.0.1, =12.0.1, =10.0.10, =13.0.0.CR1, =3.1.0.Final, =3.1.1.Alpha1 - org.jboss.resteasy.spring:galleon-feature-pack-layers-metadata-test...

CVE-2023-29194

Vitess is a database clustering system for horizontal scaling of MySQL. Users can either intentionally or inadvertently create a keyspace containing / characters such that from that point on, anyone who tries to view keyspaces from VTAdmin will receive an error. Trying to list all the keyspaces...

@codedungeon/gunner (>=0.38.0 <=0.80.1), @codedungeon/laravel-versions-cli (=0.1.0) +22 more potentially affected by CVE-2021-3807 via ansi-regex (>=4.0.0 <=4.1.0)

ansi-regex NPM version =4.0.0, =0.38.0, =0.0.65, =0.0.0, =0.0.41, =0.0.12, =0.0.0, =0.2.0, =3.3.69, =0.0.3, =0.2.11, =5.1.0, =4.0.58, =3.0.58, =6.0.17, =6.1.110 and more Source cves: CVE-2021-3807 Source advisory: OSV:GHSA-93Q8-GQ69-WQMW...

Interactsh - An OOB Interaction Gathering Server And Client Library

Interactsh is an Open-Source Solution for Out of band Data Extraction, A tool designed to detect bugs that cause external interactions, For example - Blind SQLi, Blind CMDi, SSRF, etc. Features DNS/HTTP/SMTP Interaction support CLI Client / Web Dashboard support AES encryption with zero logging...

@bionicmetrics/bionic (>=1.2.0 <=1.3.6), @smoosee/wakemeup (>=1.0.9 <=1.20.0) +8 more potentially affected by CVE-2020-7627 via node-key-sender (>=1.0.11 <=1.0.9)

node-key-sender NPM version =1.0.11, =1.2.0, =1.0.9, =1.5.0, =0.0.1, =1.0.0, =1.0.5, =0.9.0, =1.2.1, =1.1.0, =2.2.0 Source cves: CVE-2020-7627 Source advisory: SNYK:JS-NODEKEYSENDER-564261...

Pulsar - Network Footprint Scanner Platform - Discover Domains And Run Your Custom Checks Periodically

Pulsar is an automated network footprint scanner for Red Teams, Pentesters and Bounty Hunters. Its focused on discovery of organization public facing assets with minimal knowledge about its infrastructure. Along with network data visualization, it attempts to give a basic vulnerability score to...