EUVD-2008-7225

Malware in sbrugna...

EUVD-2020-18318

Malware in sbrugna...

MAL-2025-5841 Malicious code in xpvnsulc (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 88e144cce5913bd8b818e88d9308fd1c10c0c7d58d905c8e570425d7c5f7ec49 Any computer that has this package installed or running should be considered...

CVE-2021-20833

The SNKRDUNK Market Place App for iOS versions prior to 2.2.0 does not verify server certificate properly, which allows man-in-the-middle attackers to eavesdrop on and/or alter encrypted communication via a crafted certificate...

CVE-2010-1756

The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an unintended network...

Malicious code in inclusive-ai-dao-website (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1256786c01aeb97c5bae935d007b7939062250f307c5369a6a6597e12857995c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-7553 Malicious code in sap-apage (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3c91d45468a5cfdd96604ea7d837d990b7485b5bc0f6ce7b02a7279ed33e71c0 The OpenSSF Package Analysis project identified 'sap-apage' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

IBM Security Guardium Trust Management Issues Vulnerability (CNVD-2020-32647)

IBM Security Guardium is a suite of platforms from IBM in the United States that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. IBM Security Guardium suffers from a trust management issue...

The snooping girl on a train, again. How to compromise a business

So, I’m on a train, again, sat at a four-seat table, next to two men facing each other. From their conversation and interactions I’ve concluded that they are colleagues. The chap to my left is clearly working on implementation plans for a building management system, for a company I know yeah, I g...

Schneider Electric Authenticated Communication Risk Vulnerability

OVERVIEW ICS-CERT received a report from Schneider Electric concerning an Authenticated Communication Risk vulnerability in the Schneider Electric Software Update SESU utility. This vulnerability was reported to Schneider Electric by security researcher Arthur Gervais. The SESU is a centralized...