Malicious code in @aircall-ecosystem/integrations-msteams-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4343cd15bb1d3104166b2ddf4f549bc184fde49233b5cfba97f353f00a8c2a2e The package @aircall-ecosystem/integrations-msteams-frontend was found to contain malicious code. Source: ghsa-malware...

MAL-2026-1938 Malicious code in @metaplex-foundations/umi-public-keys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48abfc0f902cd0f09b0c2ae7449eaefbf3b4baf1cb12e4165f509b86f7ad8692 The package @metaplex-foundations/umi-public-keys was found to contain malicious code. Source: ghsa-malware...

EUVD-2018-11281

Malware in sbrugna...

EUVD-2023-23450

Malicious code in bioql PyPI...

CVE-2024-33407

SQL injection vulnerability in /model/deleterecord.php in campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the id parameter...

MAL-2024-12026 Malicious code in pushservicejs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8875b705a6e055665ad1912b3f5aeca6578af2778e4b541e7061ae20d6ecbd01 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in commitlint-plugin-marketing-rules (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e40a92c14d0b0d561bab0beb5da5e3d3dfb66d329e8b0ff2100fb7a8a87468b4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-42393

Technical details for CVE-2024-42393 are not publicly available in the provided documents. Monitor for updates from NVD/CVE and vendor advisories.

CVE-2024-41135

A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line Interface that allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability will result in the ability to execute arbitrary commands as...

CVE-2024-41134

A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line Interface that allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability will result in the ability to execute arbitrary commands as...

CVE-2024-41135 Authenticated Remote Code Execution in HPE Aruba Networking EdgeConnect SD-WAN Command Line Interface

A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line Interface that allows remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability will result in the ability to execute arbitrary commands as...

CVE-2024-41134

CVE-2024-41134 affects HPE Aruba Networking EdgeConnect SD-WAN gateway CLI. The vulnerability allows remote authenticated users to execute arbitrary commands on the underlying host with root privileges, potentially leading to full system compromise. Documented impact is high (CVSS 3.1: 7.2, Netwo...

campcodes Complete Web-Based School Management System 安全漏洞

Campcodes Complete Web-Based School Management System is a web-based school management system from Campcodes, Inc. A security vulnerability exists in version 1.0 of the campcodes Complete Web-Based School Management System, which results from an SQL injection vulnerability in the eventid paramete...

Campcodes Complete Web-Based School Management System 跨站脚本漏洞

Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A cross-site scripting vulnerability exists in version 1.0 of the Campcodes Complete Web-Based School Management System, which stems from a cross-site scripting vulnerability in the...

Gambio Online Webshop unauthenticated PHP Deserialization Vulnerability

A Remote Code Execution vulnerability in Gambio online webshop version 4.9.2.0 and lower allows remote attackers to run arbitrary commands via unauthenticated HTTP POST request. The identified vulnerability within Gambio pertains to an insecure deserialization flaw, which ultimately allows an...

shim: RCE in http boot support may lead to Secure Boot bypass

A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete...

CVE-2024-26297

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to comple...

CVE-2024-26298

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to comple...

CVE-2024-26296

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to comple...

CVE-2024-26298

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to comple...