15487 matches found
Malicious code in web-chat-portal (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5e1410c02449b7f9317f68317b69ec23e5601c189018c375ccdcb1d453def943 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-7130
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Kion Computer KION Exchange Programs Software allows Reflected XSS. This issue affects KION Exchange Programs Software: before 1.21.9092.29966...
CVE-2024-7130 Reflected XSS in Kion Computer's KION Exchange Programs Software
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Kion Computer KION Exchange Programs Software allows Reflected XSS. This issue affects KION Exchange Programs Software: before 1.21.9092.29966...
CVE-2024-7130 Reflected XSS in Kion Computer's KION Exchange Programs Software
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Kion Computer KION Exchange Programs Software allows Reflected XSS. This issue affects KION Exchange Programs Software: before 1.21.9092.29966...
CVE-2024-7130
CVE-2024-7130 describes a Reflected XSS in KION Exchange Programs Software (affected: versions before and including 1.21.9092.29966) due to improper neutralization of input in web page generation. The vulnerability affects the programsearch.aspx endpoint where the searchtext parameter is not sani...
PT-2024-17095 · Irfanview · Irfanview
Name of the Vulnerable Software and Affected Versions: IrfanView affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this issue, where the target must visit a...
Malicious code in filter-engine-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c494b140465be2de8cadcbe5fcaf5f82d7980ca863eeb3cba9e6d9e0e762ebc9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in cljs-dopeloop (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9232bb9421a218946057ab6688d62120e80b911ca38062d0ae6c42a951d2cddd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in scm-retail-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d5c9460f2f7b76b7df92b6f3c8f8237b18cac972b6424471eae0ccd9c78963d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in rollup-plugin-amd-output-enhance (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3dce851722a146abc3b5df317ad799e1753177138eeb4efa09300da2f6625f08 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in prxy-chain (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7ba7e4f495217937a8213c982cd27fd211680e174266b6ae21aa6c24beaebf20 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-7787
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ITG Computer Technology vSRM Supplier Relationship Management System allows Reflected XSS, Cross-Site Scripting XSS. This issue affects vSRM Supplier Relationship Management System: before...
MAL-2024-10698 Malicious code in commitlint-config-jira-type-infra (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d3a60114c639e9e20430efd4c98505d38340a52eece4ea1eb6eca3117556cc63 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in axios-older (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1047fb8be55bb9b1906e2bc7b0b46f5194ebb21fe15d16f8c194ddcd95083bdb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10695 Malicious code in babel-plugin-transform-vuex-analysis (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 661cbd3eaaae7ee5bb113192279e6ba2e72c5c5363fe668209893a70debd3248 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10693 Malicious code in axios-older (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1047fb8be55bb9b1906e2bc7b0b46f5194ebb21fe15d16f8c194ddcd95083bdb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in promotion-banner (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bb9a77d5820e57e492fd4a0d3edaac6b239670f384d4cee56d88007f9550184b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10703 Malicious code in logjs4 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2db9ce61ae79bc8f972d6275198581d1924f054967dfead3abccc970d1b77daf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-7787 Reflected XSS in ITG Computer Technology's vSRM Supplier Relationship Management System
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ITG Computer Technology vSRM Supplier Relationship Management System allows Reflected XSS, Cross-Site Scripting XSS. This issue affects vSRM Supplier Relationship Management System: before...
CVE-2024-7787 Reflected XSS in ITG Computer Technology's vSRM Supplier Relationship Management System
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ITG Computer Technology vSRM Supplier Relationship Management System allows Reflected XSS, Cross-Site Scripting XSS. This issue affects vSRM Supplier Relationship Management System: before...