MAL-2024-1076 Malicious code in open-banking-reference-application (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 75747b956f1d359e555bc99c3edaf59e37fef0f5cd43e5db2318fbf35c25fe8d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

[SECURITY] Fedora 39 Update: grub2-2.06-118.fc39

The GRand Unified Bootloader GRUB is a highly configurable and customizable bootloader with modular architecture. It supports a rich variety of kernel formats, file systems, computer architectures and hardware devices...

MAL-2024-1073 Malicious code in dismissprovider (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e57b2c157fbb4ae27dd1ea7ddb8c370c151171838b953706151a60c3399716b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-1069 Malicious code in ifl-css (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0c61d2851c227be102bd3adf8e2fd3b9636e417c5f026c3bcc2b91000551c4f9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-1067 Malicious code in profectus-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 062a69a64c4e77b2e5cebc7f5d21c239c51139c4d420c9fbf2e616f23ec838a3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-32264

CWE-1385 vulnerability in OpenText Documentum D2 affecting versions16.5.1 to CE 23.2. The vulnerability could allow upload arbitrary code and execute it on the client's computer...

Update now! JetBrains TeamCity vulnerability abused at scale

JetBrains issued a warning on March 4, 2024 about two serious vulnerabilities in TeamCity server. The flaws can be used by a remote, unauthenticated attacker with HTTPS access to a TeamCity on-premises server to bypass authentication checks and gain administrative control of the TeamCity server...

MAL-2024-1060 Malicious code in unity-context (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2d000b4d34f837a9755c05f72318c44ba0f8cf265e46224607cedae43aea73ae Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-1064 Malicious code in pet-profile-micro-interaction (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cd98e11aca525f441300cc29d3cebd96d52cee8d8620e951a805b48fe9305d33 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Fedora: Security Advisory for vecmath1.2 (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: vecmath1.2-1.14-36.fc40

This is an unofficial implementation java source code of the javax.vecmath package specified in the JavaTM 3D API 1.2 . The package includes classes for 3-space vector/point, 4-space vector, 4x4, 3x3 matrix, quaternion, axis-angle combination and etc. which are often utilized for computer graphic...

[SECURITY] Fedora 40 Update: Mars-4.5-26.fc40

MARS is a lightweight interactive development environment IDE for programming in MIPS assembly language, intended for educational-level use with Patterson and Hennessy's Computer Organization and Design...

MAL-2024-1056 Malicious code in c3-pricecaster (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7b03dfb89422ee188083a005d46e87873b3548d2f360a07d2380736049483de0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

BIT-JUPYTER-NOTEBOOK-2021-32798 Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in notebook

The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an XSS when a victim...

UBUNTU-CVE-2024-26627

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Move scsihostbusy out of host lock for waking up EH handler Inside scsiehwakeup, scsihostbusy is called & checked with host lock every time for deciding if error handler kthread needs to be waken up. This can be too...

Malicious code in win32crypted (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a20fa9d2f01c5cc1893bbe4cfe5659f6bba9ce4dff54b741dbc46f5ded5402dd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-2068

A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /endpoint/update-computer.php. The manipulation of the argument model leads to cross site scripting. The attack may be initiated...

CVE-2024-2068

A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /endpoint/update-computer.php. The manipulation of the argument model leads to cross site scripting. The attack may be initiated...

CVE-2024-2068 SourceCodester Computer Inventory System update-computer.php cross site scripting

A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /endpoint/update-computer.php. The manipulation of the argument model leads to cross site scripting. The attack may be initiated...

CVE-2024-2068 SourceCodester Computer Inventory System update-computer.php cross site scripting

A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /endpoint/update-computer.php. The manipulation of the argument model leads to cross site scripting. The attack may be initiated...