MAL-2025-4376 Malicious code in mshop2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b230b23967aac14c732f470e9bfd9d34d27bf592c1e3ca7150e827ef17cf5e91 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4409 Malicious code in tenslots (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d9f95166f5aa514f66ff9b0b93e38854038d01c0b74644b9e64aae7b2af17218 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4342 Malicious code in estatement-fe (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f2d1698e2eb52857509dec5140bc7c61a137d2005a1c097bdb0cbab9d5c1e77a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in url-project (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d8a74e201fe0f57bea3516ddf0b2117217189749e17a77ef5219bf7df33abe79 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4294 Malicious code in @elementor-editor-github-actions/utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca0d018cb1686918115a926a22fcb726e9d6aac8d9d35e08948585ffa5e7a91f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4293 Malicious code in @demoability/loadgen-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 77bc624f36bdc284db27e9759ccf30fab22108a753042ccbd6a575fc26f90b79 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4322 Malicious code in com.unity.ml-agents (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bfceda90642153626d064813e4c0c601ca81d18a6c5fd9e96855cbdee511db13 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4305 Malicious code in blog-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4e572e251b32145d6856f8000dca0bbf112278ecc3f967ed61626010e0a0f9c5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in com.unity.xr-line-renderer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 688c31fe545231e784aa21aa3349d80f9a04b02f893a52510f1be2216609f80f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4324 Malicious code in com.unity.netcode.gameobjects (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 131cc29f9c925613b77fd6e6c06f43433bdc5a9511461af56fd519562408c3c0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2022-33281

Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any frames...

CVE-2022-23427

PendingIntent hijacking vulnerability in KnoxPrivacyNoticeReceiver prior to SMR Feb-2022 Release 1 allows local attackers to access media files without permission via implicit Intent...

CVE-2022-32237

When a user opens manipulated Computer Graphics Metafile .cgm, CgmCore.dll files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application...

CVE-2021-30046

VIGRA Computer Vision Library Version-1-11-1 contains a segmentation fault vulnerability in the impex.hxx readimageband function, in which a crafted file can cause a denial of service...

CVE-2021-27585

When a user opens manipulated Computer Graphics Metafile .CGM format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application...

CVE-2021-37124

There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport a file to certain...

CVE-2025-48066

CVE-2025-48066 affects wire-webapp; a regression stopped the client from deleting local data on logout for both public and regular clients. Data could remain on the device, and in some cases encryption-at-rest cryptographic material could not be exported. The issue was fixed in wire-webapp versio...

CVE-2020-26507

A CSV Injection also known as Formula Injection vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers. By providing formula code in the “Notes” functionality in the main screen, an attacker can inject a payload into th...

CVE-2020-18753

An issue in Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to gain access to the system and escalate privileges via a crafted packet...

CVE-2020-23741

In AnyView network police network monitoring software 4.6.0.1, there is a local denial of service vulnerability in AnyView, attackers can use a constructed program to cause a computer crash BSOD...