15493 matches found
MAL-2023-637 Malicious code in nokia-smp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d2dd16f41855f78df40de39f97e0b9724df12d2b0f4caca18025ec16150be4a7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2023-16777 · Sourcecodester · Sourcecodester Computer Parts Sales/Inventory System
Name of the Vulnerable Software and Affected Versions: SourceCodester Computer Parts Sales and Inventory System version 1.0 Description: A vulnerability has been found in the SourceCodester Computer Parts Sales and Inventory System, affecting unknown code of the file customer.php. The manipulatio...
SourceCodester Computer Parts Sales and Inventory System SQL注入漏洞
Computer Parts Sales and Inventory System is a computer parts sales and inventory system by Warren Daloyan, an individual developer. A SQL injection vulnerability exists in SourceCodester Computer Parts Sales and Inventory System version 1.0, which originates from an unknown part of the...
PT-2023-16776 · Sourcecodester · Computer Parts Sales/Inventory System
Name of the Vulnerable Software and Affected Versions: SourceCodester Computer Parts Sales and Inventory System version 1.0 Description: A critical issue was found in the system, affecting an unknown part of the file processlogin. The manipulation of the user argument leads to SQL injection. It i...
Malicious code in tsang-dev (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9b349833c412697b8091d1f61d201e3f3d2a4790697fb032342d7cf857782bbb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-909 Malicious code in tsang-dev (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9b349833c412697b8091d1f61d201e3f3d2a4790697fb032342d7cf857782bbb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-418 Malicious code in fca-sang-dev (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 26e958aaeaf550771546cda5761bab1d5523e9534e6a66e7cabd19914ddb31ad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-419 Malicious code in fca-sang-remake (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9c5c8aca49062d679b17dbd133060c8466e8bd81a14cccad4ef8621a0fe435b3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults
LastPass, which in December 2022 disclosed a severe data breach that allowed threat actors to access encrypted password vaults, said it happened as a result of the same adversary launching a second attack on its systems. The company said one of its DevOps engineers had their personal home compute...
MAL-2023-972 Malicious code in xman-internal (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cf5c243019a4ec4df65a182a5f1e9cd5a48899107fcddd0cce2dafaedf57eb69 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-376 Malicious code in fca-aliya-anup (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b7cd0ba8421ce7a7724cc51ff412e9a90358c8d9cc85ddca90576ae1c9c3d034 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-252 Malicious code in discord-colors (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 01cbf37f0e61d41e10843d3b280789374dfa85d1d07218a752b29e0bdc040e91 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-256 Malicious code in discord.js-hakaiw (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c26a0c3867c1e183eee88f0eb989c91e58f92e1b05491da0461a4d927c41b1d4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-254 Malicious code in discord.js-hakai (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5488203f0727b63f8b3eb9250adce4794c1e1b02337ff5708538666a8a1aca6b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-645 Malicious code in object-color (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c020aef40621d4925ef4f889be72db32fbe5408e09d1492bc4218b726174c3e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in notebooklanguageserver (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 10d44ae2fa83d07ba50dafc11fe63ba5a774daa5f6968b01a3d5f44df8034f12 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-431 Malicious code in fca-zaaraowo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f952d090291fe13fd7bf80cdc078a8d705cad8e2f02c922163e9a0adf3433b8f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-978 Malicious code in xsstesttttttttt (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fc8748b83babc4682dcf2d5828d03fe1d54b31a1cce16fa636448eb65f310eb8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Design/Logic Flaw
The listed versions for Weintek EasyBuilder Pro are vulnerable to a ZipSlip attack caused by decompiling a malicious project file. This may allow an attacker to gain control of the user’s computer or gain access to sensitive data...
CVE-2023-0104
Weintek EasyBuilder Pro is affected by CVE-2023-0104 (ZipSlip via decompiling a malicious project file). Affected: v6.07.01 and prior, v6.07.02.479 and prior, v6.08.01.349 and prior. Risk: enables attackers to gain control of a user’s machine or access sensitive data. Mitigation: upgrade to v6.07...