19 matches found
Malicious code in @rsi-community/hub-client-app (npm)
Source: ghsa-malware 1809bcf5bcd98744f995fb8ad94581a2708daa99f40bf4e4d563e17c5c81b4b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5050 Malicious code in @rsi-community/hub-client-app (npm)
Source: ghsa-malware 1809bcf5bcd98744f995fb8ad94581a2708daa99f40bf4e4d563e17c5c81b4b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
How to Deploy Veeam Backup for Salesforce External Client App
Purpose: This article documents how to create an External Client App (ECA) in Salesforce to integrate with Veeam Backup for Salesforce via the Salesforce API. An ECA with proper permissions is required for Veeam Backup for Salesforce to integrate with the Salesforce API using the OAuth 2.0 protocol. Solutio...
External Client App (ECA) for Veeam Data Cloud — Adapting to New Salesforce Security Requirements
Support Statement Summary of Changes to Salesforce Security Protocols Salesforce has introduced new security protocols for third-party applications accessing Salesforce organizations. This change affects all third-party products that integrate with Salesforce, requiring those vendors to transitio...
EUVD-2022-39482
Malicious code in bioql PyPI...
MAL-2025-47720 Malicious code in raas-client-app (npm)
SAP BusinessObjects Business Intelligence Platform code issue vulnerability
SAP BusinessObjects Business Intelligence Platform is a complete business analytics platform from SAP. The platform combines market-leading SAP data integration products, data management products, and business intelligence (BI) products to eliminate system integration challenges and quickly and...
Malicious code in cap-client-app (npm)
Source: ghsa-malware f18ed3c31f0a20e7a224256d46a896df654fcaf6e60ac3f4fac7639672b320f4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-8753 Malicious code in cap-client-app (npm)
Source: ghsa-malware f18ed3c31f0a20e7a224256d46a896df654fcaf6e60ac3f4fac7639672b320f4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-44689
e-Gov Client Application (Windows version) versions prior to 2.1.1.0 and e-Gov Client Application (macOS version) versions prior to 1.1.1.0 are vulnerable to improper authorization in handler for custom URL scheme. A crafted URL may direct the product to access an arbitrary website. As a result, the...
cloud.altemista.fwk.framework:cloud-altemistafwk-documentation (=3.1.0.RELEASE), cloud.altemista.fwk.message:cloud-altemistafwk-core-message-active-conf (>=3.0.0.RELEASE <=3.1.0.RELEASE) +706 more potentially affected by CVE-2012-6092 via org.apache.activemq:activemq-core (>=4.1.1 <=5.7.0)
org.apache.activemq:activemq-core MAVEN version =4.1.1, =3.0.0.RELEASE, =1.0, =1.0.0, =1.0.0, =0.4.2, =0.4.2, =0.4.2, =3.0.0.rc1, =3.0.0.rc1, =3.0.0.rc1, =3.0.0.rc1, =3.2.1 and more Source cves: CVE-2012-6092 Source advisory: OSV:GHSA-RP9P-863F-9C4H...
Spring Security OAuth - Open Redirector
Spring Security OAuth - Open Redirector Exploit Title: Open Redirector in spring-security-oauth2 Date: 17 June 2019 Exploit Author: Riemann Vendor Homepage: https://spring.io/projects/spring-security-oauth Software Link: https://spring.io Version: Spring Security OAuth versions 2.3 prior to 2.3.6...
CVE-2018-20014
In UrBackup 2.2.6, an attacker can send a malformed request to the client over the network, and trigger a fileservplugin/CClientThread.cpp CClientThread::GetFileHashAndMetadata NULL pointer dereference, leading to shutting down the client application...
Soroush IM Desktop App 0.17.0 - Authentication Bypass
Exploit Title: Soroush IM Desktop App 0.17.0 - Authentication Bypass Date: 2018-08-08 Exploit Author: VortexNeoX64 Vendor Homepage: https://soroush-app.ir Software Link: http://54.36.43.176/SoroushSetup0.17.0.exe Version: 0.17.0 BETA Tested on: Windows 10 1803 and windows server 2016 14393 Securi...
CVE-2017-14773
Skybox Manager Client Application (before 8.5.501) has an elevation of privileges vulnerability during authentication in a debugger-pause state. Exploitation requires a local authenticated attacker. Root cause details are not further specified in the provided documents. Remediation: upgrade to ve...
Uber: phone number exposure for riders/drivers given email/uuid
Hi, Summary: I have found one more vulnerable endpoint that is leaking a user's phone number when I submit a UUID in the request. This attack works for both Driver and Rider. Security Impact: We can get any Rider's or Driver's private phone number by knowing his UUID. Reproduction Steps 1. Enter victim's...
Rocket.Chat: XSS via /api/v1/chat.postMessage
The victim could craft a custom message using the REST API that, once seen by the observer, executed arbitrary code in the context of the client user. The vulnerability was present in the attachment fields, where the first field's value could be used to inject HTML tags...
Logic Flaw Vulnerability at My NJ Client APP Change Password Function
My Nanjing Client APP is a city-level public service mobile application that integrates all kinds of living information in Nanjing. A logic flaw exists in the password change function of MyNJ Client APP. Since the original password is not verified when changing the password, it allows an attacker...
Cyclope Internet Filtering Proxy Cross Site Scripting
#!/usr/bin/python Title: Cyclope Internet Filtering Proxy - Stored XSS Vuln. From: The eh?-Team || The Great White Fuzz we're not sure yet Found by: loneferret Software link: http://www.cyclope-series.com/download/index.aspx?p=2 Date Found: Oct 20th 2011 Tested on: Windows XP SP3 Professional /...