Malicious Package

Overview tailwind-config-setting is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...

EUVD-2025-32658

Malicious code in tailwind-config-setting npm...

Malicious code in tailwind-config-setting (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f3a671a6c3e625ad567f217586db00e2b324ca408c883c44ac1b74ebf292ffef Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

EUVD-2017-15520

Malware in sbrugna...

EUVD-2023-52365

Malicious code in bioql PyPI...

CVE-2023-48305

Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server and Nextcloud Enterprise Server, when the log level was set to debug, the userldap app logged user passwords in...

CVE-2023-48305 Nextcloud Server user_ldap app logs user passwords in the log file on level debug

Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server and Nextcloud Enterprise Server, when the log level was set to debug, the userldap app logged user passwords in...

CVE-2023-48305 Nextcloud Server user_ldap app logs user passwords in the log file on level debug

Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Server and Nextcloud Enterprise Server, when the log level was set to debug, the userldap app logged user passwords in...

user_ldap app logs user passwords in the log file on level debug

None...

Code injection

Nextcloud is an open source home cloud server. When Memcached is used as memcache.distributed the rate limiting in Nextcloud Server could be reset unexpectedly resetting the rate count earlier than intended. Users are advised to upgrade to versions 25.0.11, 26.0.6 or 27.1.0. Users unable to upgra...

CVE-2023-45148 Rate limiter not working reliable when Memcached is installed in Nextcloud

Nextcloud is an open source home cloud server. When Memcached is used as memcache.distributed the rate limiting in Nextcloud Server could be reset unexpectedly resetting the rate count earlier than intended. Users are advised to upgrade to versions 25.0.11, 26.0.6 or 27.1.0. Users unable to upgra...

PT-2023-17267 · Unknown · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost affected versions not specified Description: The issue concerns the failure to redact sensitive information from audit logs. Specifically, it affects the user password during user creation and the user password hash in other...

TOTOLINK A7000R 操作系统命令注入漏洞

The TOTOLINK A7000R is a wireless router from China's Gion Electronics TOTOLINK. An operating system command injection vulnerability exists in TOTOLINK A7000R version V9.1.0u.6115B20201022, which stems from a command injection issue with the addEffect parameter in the setting/setTracerouteCfg...