MAL-2023-8657 Malicious code in testepoc20232 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8dd5987640ec3b65ed0eff65c7d86690471fd73590b96b95eb64f407e8a6dd74 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-8652 Malicious code in cannotdelete (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 05bb625bfc6b79438d4640ec1ac56dc05c2aae9ab8d9ed8bc080896f5af18253 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-8638 Malicious code in discord-sounds (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dd6b0c891e0a48196a53cec18f1cce102281436e4acbf4a45af7444166378496 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-5275

Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to cause a denial-of-service DoS condition on the function by sending specially crafted packets. However, the attacker would need to send the packets from within the same personal computer where the...

CVE-2023-5274

Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to cause a denial-of-service DoS condition on the function by sending specially crafted packets. However, the attacker would need to send the packets from within the same personal computer where the...

Input validation

Improper Input Validation vulnerability in simulation function of GX Works2 allows an attacker to cause a denial-of-service DoS condition on the function by sending specially crafted packets. However, the attacker would need to send the packets from within the same personal computer where the...

Malicious code in get-twitter-status (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 992f6ba616e5ed005fc045132424ad5c64e7a9d61fb073bb5891bd7f5c3f9f0c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-8645 Malicious code in get-twitter-status (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 992f6ba616e5ed005fc045132424ad5c64e7a9d61fb073bb5891bd7f5c3f9f0c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-8635 Malicious code in @lognex/services-translate (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d91ab6817c04922158a903afca0dcaaca5ecd44b0fa61757e7ed4c0011fc18f8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-8634 Malicious code in @lognex/services-routing (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fb68d761341d32450d82133ab94ed7d4f473b382988da338777e80955064a1c2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-8630 Malicious code in @lognex/ecom-recommendations (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f0ab65eb1c1e53ad84ab09e9426d718197e6137500c81a66639f4e4249e39edb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-8633 Malicious code in @lognex/services-event (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ba6d3d357986e72d67ec3f308dd50c1159d1fb8d2a740a5eca2ba15388295d6d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-8631 Malicious code in @lognex/notifications (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa9236ea5d072a10fa7e7acc48f2a65e85f8ad6cc9edd1158828a3ff4db63ba6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-49092

RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is...

CVE-2023-6201

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Univera Computer System Panorama allows Command Injection. This issue affects Panorama: before 8.0...

CVE-2023-6151

Incorrect Use of Privileged APIs vulnerability in ESKOM Computer e-municipality module allows Collect Data as Provided by Users.This issue affects e-municipality module: before v.105...

CVE-2023-6150

The CVE-2023-6150 issue affects the Eskom Computer e-municipality module (versions prior to 105). The root cause is improper privilege management via the use of Privileged APIs, enabling collection of data provided by users and leading to potential information disclosure. Affected behavior is tha...

Malicious code in dusrtt (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 887b8aa099ab19624a642510e7775c2dabfea446420fc3cda1a29d5c3a20770b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-8625 Malicious code in @ukncsc/my-ncsc-ui-common-core (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9535a39a8207d1d902daf4cfaaad312cc4bae19928fa3d2311e2be1f0ec9b027 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

ESKOM Computer e-municipality module security vulnerability

ESKOM Computer e-municipality module is an application from ESKOM Inc. A security vulnerability exists in versions prior to ESKOM Computer e-municipality module v.105 that stems from improper privilege management and allows collection of user-supplied data...