31 matches found
MAL-2026-5788 Malicious code in @solana-labs/web3js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b79f799d106eaad2a09af8eac8b3ac64a46966e392ec423461facd26dc958705 This package impersonates the legitimate @solana/web3.js library under a confusable scope @solana-labs/web3js. On npm install, the postinstall hook...
Apache ActiveMQ Jolokia Security Auditor
This is a security assessment tool for Apache ActiveMQ deployments that expose the Jolokia management interface. It verifies connectivity, evaluates authentication status, retrieves Jolokia agent information, and identifies accessible ActiveMQ broker instances through JMX endpoints...
EUVD-2024-0424
Malicious code in bioql PyPI...
EUVD-2024-0262
Malicious code in bioql PyPI...
EUVD-2024-0289
Malicious code in bioql PyPI...
Oracle Linux 9 : and / bug / fixes / for / NetworkManager (ELSA-2025-0377)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-0377 advisory. 1.48.10-5.0.1 - disable MPTCP handling by default Orabug: 34801142 - add connectivity check via Oracle servers Orabug: 32051972 1:1.48.10-5 - vpn: Support routi...
Security and bug fixes for NetworkManager
1.48.10-5.0.1 - disable MPTCP handling by default Orabug: 34801142 - add connectivity check via Oracle servers Orabug: 32051972 1:1.48.10-5 - vpn: Support routing rules in vpn conenctions RHEL-73167 - vpn: Place gateway route to table defined in ipvx.route-table RHEL-73166 1:1.48.10-4 - Remove...
Bug fix of NetworkManager
1:1.40.16-18.0.1 - disable MPTCP handling by default Orabug: 35081472 - Fix ignore-carrier logic Orabug: 34956744 - Disable regeneration of the documentation Orabug: 34712048 - add connectivity check via Oracle servers Orabug: 32051972 - Disable the build of NetworkManager-config-connectivity-...
Oracle Linux 9 : NetworkManager (ELSA-2024-9317)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9317 advisory. 1.48.10-2.0.1 - disable MPTCP handling by default Orabug: 34801142 - add connectivity check via Oracle servers Orabug: 32051972 1:1.48.10-2 - cloud-setup: Allow...
CVE-2023-46359
An OS command injection vulnerability in Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature...
Command injection
An OS command injection vulnerability in Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature...
CVE-2023-46359
An OS command injection vulnerability in Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature...
CVE-2023-46359
An OS command injection vulnerability in Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a specifically crafted arguments passed to the connectivity check feature...
GHSA-8525-52VG-JV6V Qualys Jenkins Plugin for Policy Compliance XML External Entity vulnerability
Qualys Jenkins Plugin for Policy Compliance prior to version and including 1.0.5 was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access to configure or edit jobs...
GHSA-5GWH-R76W-934H Qualys Jenkins Plugin for WAS XML External Entity vulnerability
Qualys Jenkins Plugin for WAS prior to version and including 2.0.11 was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access to configure or edit jobs to utilize t...
Qualys Jenkins Plugin for Policy Compliance Cross-site Scripting vulnerability
Qualys Jenkins Plugin for Policy Compliance prior to version and including 1.0.5 was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access and access to configure o...
Qualys Jenkins Plugin for WAS XML External Entity vulnerability
Qualys Jenkins Plugin for WAS prior to version and including 2.0.11 was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access to configure or edit jobs to utilize t...
Design/Logic Flaw
Qualys Jenkins Plugin for WAS prior to version and including 2.0.11 was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access to configure or edit jobs to utilize t...
Cross site scripting
Qualys Jenkins Plugin for Policy Compliance prior to version and including 1.0.5 was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access and access to configure o...
CVE-2023-6149 Possible XXE vulnerability in Jenkins Plugin for Qualys Web Application Security
Qualys Jenkins Plugin for WAS prior to version and including 2.0.11 was identified to be affected by a security flaw, which was missing a permission check while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access to configure or edit jobs to utilize t...