15438 matches found
CVE-2025-47369 Information Exposure in Computer Vision
Information disclosure when a weak hashed value is returned to userland code in response to a IOCTL call to obtain a session ID...
CVE-2025-47369 Information Exposure in Computer Vision
Information disclosure when a weak hashed value is returned to userland code in response to a IOCTL call to obtain a session ID...
Malicious code in pycolorom (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6babcee81c12759b66be4c0a8ba33c3f0272b052a47fda31227f4a6087ba8e5b The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...
MAL-2026-85 Malicious code in elastic-docs-v3-utilities (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dc3812db2733b6d6bfaba2e5b7b08065e1b07291a2a58a6dfa589b31added3e6 The package elastic-docs-v3-utilities was found to contain malicious code. Source: ghsa-malware...
Malicious code in okta-loginpage-render (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48116f31c0b827072f94f6157837d2fcb3be3c6a9985584328216403280bd6bb The package okta-loginpage-render was found to contain malicious code. Source: ghsa-malware...
MAL-2026-77 Malicious code in polymarket-clob (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e650fcd9e5cec151122c4e59ee9f829a9f8f3afbc998be35354879cd24f5d8bf The package polymarket-clob was found to contain malicious code. Source: ghsa-malware c6f2692198b832546ebc0a47e287ea8e976cbbacae0f1963545cb4610ddd08b...
Malicious code in upgrade-mobile (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50fddf8ed26118557ffdca771219746de0194477c83724370ef30b18d858b1d0 The package upgrade-mobile was found to contain malicious code. Source: ghsa-malware a26e290558ffe604a105aa63eb83a2f6aae1e8656e947908c9d29c3c3b7632db...
CVE-2025-15240
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2025-15239
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-15237
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Path Traversal vulnerability, allowing authenticated remote attackers to read folder names under the specified path by exploiting an Absolute Path Traversal vulnerability...
Malicious code in eslint-supertest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 06b784b251ddb3666b203fa36b7e7cd4e9101ff8c468c9d32423a398f40a6689 The package eslint-supertest was found to contain malicious code. Source: ghsa-malware 01ffd1e84f1255f84c7876957e188eed9ab1dad03915006b9f463510c22590...
MAL-2026-62 Malicious code in oj-sp-common-strings (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5466d410ace77d36cbf4ad77f4ff2bec3030d7b19266a78de448ef1517b2679 The package oj-sp-common-strings was found to contain malicious code. Source: ghsa-malware...
TDM Digital Signage PC Player 安全漏洞
TDM Digital Signage PC Player is a specialized playback terminal software from the Dutch company TDM Digital Signage. A security vulnerability exists in TDM Digital Signage PC Player version 4.1.0.4, which stems from an elevation of privilege vulnerability that could result in replacing executabl...
CVE-2025-15240
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2025-15240
CVE-2025-15240 concerns Quanta Computer’s QOCA aim AI Medical Cloud Platform. Multiple trusted sources confirm an Arbitrary File Upload vulnerability that enables an authenticated remote attacker to upload and execute a WebShell backdoor, resulting in arbitrary code execution on the affected serv...
EUVD-2026-0902
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload vulnerability, allowing authenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...
CVE-2025-15238
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-15236
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Path Traversal vulnerability, allowing authenticated remote attackers to read folder names under the specified path by exploiting an Absolute Path Traversal vulnerability...
CVE-2025-15238
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read database contents...
CVE-2025-15236
QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Path Traversal vulnerability, allowing authenticated remote attackers to read folder names under the specified path by exploiting an Absolute Path Traversal vulnerability...