1612 matches found
Malicious code in team-portal (npm)
Source: ghsa-malware (cf80f4dc8a828d3686ff11039376a7c45d8fcfc2424f006ac52ae528030a6547) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-21465
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.34. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...
CVE-2022-32013
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via eris/admin/category/index.php?view=edit=...
CVE-2022-32015
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=category=...
CVE-2022-32018
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=hiring=...
CVE-2022-35162
Complete Online Job Search System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the CATEGORY parameter at /category/controller.php?action=edit...
CVE-2022-32010
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/admin/user/index.php?view=edit=...
CVE-2022-32017
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=result=bytitle...
CVE-2022-32016
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/index.php?q=result=bycompany...
CVE-2022-32012
Complete Online Job Search System v1.0 is vulnerable to SQL Injection via /eris/admin/employee/index.php?view=edit=...
CVE-2022-29316
Complete Online Job Search System v1.0 was discovered to contain a SQL injection vulnerability via /eris/index.php?q=result=advancesearch...
CVE-2021-39876
In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee discloses the members of private groups...
CVE-2020-25228
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3. A service available on port 10005/tcp of the affected devices could allow complete access to all services without authorization. An attacker could gain full control over an affected device, if he has access...
CVE-2019-11414
An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. When the administrator password is changed from a certain client IP address, administrative authorization remains available to any client at that IP address, leading to complete control of the router...
CVE-2019-17564
Unsafe deserialization occurs within a Dubbo application which has HTTP remoting enabled. An attacker may submit a POST request with a Java object in it to completely compromise a Provider instance of Apache Dubbo, if this instance enables HTTP. This issue affected Apache Dubbo 2.7.0 to 2.7.4,...
SUSE CVE-2022-49871
In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix memory leaks of napi_get_frags kmemleak reports after running test_progs: unreferenced object 0xffff8881b1672dc0 size 232: comm "test_progs", pid 394388, jiffies 4354712116 age 841.975s hex dump first 32 bytes: e0 84 d7...
CVE-2025-4248
A vulnerability has been found in SourceCodester Simple To-Do List System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /complete_task.php. The manipulation of the argument ID leads to SQL injection. The attack can be launched remotely. The...
CVE-2025-4248
CVE-2025-4248 affects SourceCodester Simple To-Do List System 1.0. The vulnerability arises in the file /complete_task.php where manipulating the ID parameter enables SQL injection. Multiple connected sources confirm remote exploitation and public disclosure of the exploit. Impact is described ac...
CVE-2023-53116
In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid potential UAF in nvmet_req_complete() An nvme target ->queue_response() operation implementation may free the request passed as argument. Such implementation potentially could result in a use after free of the request pointe...
DEBIAN-CVE-2022-49871
In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix memory leaks of napi_get_frags kmemleak reports after running test_progs: unreferenced object 0xffff8881b1672dc0 size 232: comm "test_progs", pid 394388, jiffies 4354712116 age 841.975s hex dump first 32 bytes: e0 84 d7...