CVE-2019-12130

In ONAP CLI through Dublin, by accessing an applicable port 30234, 30290, 32010, 30270, 30224, 30281, 30254, 30285, and/or 30271, an attacker gains full access to the respective ONAP services without any authentication. All ONAP Operations Manager OOM setups are affected...

CVE-2025-1977

The NPort 6100-G2/6200-G2 Series is affected by an execution with unnecessary privileges vulnerability CVE-2025-1977 that allows an authenticated user with read-only access to perform unauthorized configuration changes through the MCC Moxa CLI Configuration tool. The issue can be exploited remote...

abc-network (>=0.1.0 <=0.1.3), accelerometry-annotator (>=3.2.0 <=3.4.2) +192 more potentially affected by CVE-2026-21883 via bokeh (>=3.0.0 <=3.8.1)

bokeh PYPI version =3.0.0, =0.1.0, =3.2.0, =0.2.1, =2.3.0, =1.0.0, =3.2.2, =0.3.1.1, =1.77.5, =0.2.0, =0.1.1, =0.1.0, =1.4.0, =1.0.1, =1.2.3 and more Source cves: CVE-2026-21883 Source advisory: SNYK:PYTHON-BOKEH-14894275...

@datatitian/vega (=5.17.0), @lumere/vega (=5.17.0) +4 more potentially affected by CVE-2025-66648 via vega-functions (>=5.8.0 <=6.0.0)

vega-functions NPM version =5.8.0, =2.5.0, =5.16.0, =5.16.0, =6.1.2 Source cves: CVE-2025-66648 Source advisory: SNYK:JS-VEGAFUNCTIONS-14872001...

MAL-2026-55 Malicious code in lium-io-gztensor (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2f87521be2fb53979b969dc362d41bfcf6c9f860f8d6517a76889a81dedc06a1 This is a typosquatting/dependency confusion package that is part of a campaign embedding malicious code but was found before the malicious code was injected...

Malicious code in gztensor-cli (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6010189e23e54782200df770b6e40ed7e37284779c25f28cd145aadd9ee8b623 Package clones a legitimate library and adds a hidden code that downloads a malicious script. The script then downloads an archive with malicious executable in...

MAL-2026-2 Malicious code in common-cli-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b4c7bdeaa334d938afac649a1c3195ff47bf6fef18168e78b61ad22c6252450 The package common-cli-utils was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in common-cli-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b4c7bdeaa334d938afac649a1c3195ff47bf6fef18168e78b61ad22c6252450 The package common-cli-utils was found to contain malicious code. Source: ossf-package-analysis...

EUVD-2026-0022

Malicious code in common-cli-utils npm...

Insufficiently Protected Credentials

Overview rdsai-cli is an AI-powered CLI tool for Relation database management and analysis Affected versions of this package are vulnerable to Insufficiently Protected Credentials due to insecure local storage of sensitive credentials. An attacker can exploit this by accessing the configuration...

CVE-2025-1977

The NPort 6100-G2/6200-G2 Series is affected by an execution with unnecessary privileges vulnerability CVE-2025-1977 that allows an authenticated user with read-only access to perform unauthorized configuration changes through the MCC Moxa CLI Configuration tool. The issue can be exploited remote...

CVE-2025-1977

The NPort 6100-G2/6200-G2 Series is affected by an execution with unnecessary privileges vulnerability CVE-2025-1977 that allows an authenticated user with read-only access to perform unauthorized configuration changes through the MCC Moxa CLI Configuration tool. The issue can be exploited remote...

Exploit for CVE-2025-59532

CVE-2025-59532 Docker Environment A Docker-based research env...

CVE-2018-25145

Microhard Systems IPn4G 1.1.0 contains a configuration file disclosure vulnerability that allows authenticated attackers to download sensitive system configuration files. Attackers can retrieve configuration files from multiple directories including '/www', '/etc/mcli/', and '/tmp' to access syst...

eq3btsmart (=0.0.0), fauxmo (>=0.1.0 <=0.3.6) +8 more potentially affected by CVE-2025-65713 via homeassistant (>=0.10.1 <=2025.7.4)

homeassistant PYPI version =0.10.1, =0.1.0, =1.1.5, =0.0.0, =2021.4.0, =0.4.11, =1.2.0, =0.1.1, =0.108.0, =0.109.0 Source cves: CVE-2025-65713 Source advisory: OSV:GHSA-PP3G-XMM4-5CW9...

Malicious code in chalk-cli (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-192896 Malicious code in chalk-cli (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

CVE-2025-26787

CVE-2025-26787 affects Keyfactor SignServer prior to 7.2. The issue arises from a logic error in the SignServer container startup routine: the Admin CLI command intended to configure certificate access at the initial startup is executed on every container restart, resetting the access policy to "...

CVE-2025-65637 affecting package cf-cli for versions less than 8.4.0-26

CVE-2025-65637 affecting package cf-cli for versions less than 8.4.0-26. A patched version of the package is available...

MAL-2025-192618 Malicious code in adk-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector eaa79ad3f20525e947d85a4aef9c78e0c79c2377ac01d03bbb8153dc256efe7c The package adk-cli was found to contain malicious code. Source: ghsa-malware 201d1358b161ed151cde448595832eccef539099208ee82dec74ea4fa1ddb8a8 Any...