12350 matches found
EUVD-2026-29491
SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution...
CVE-2026-8111
SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution...
CVE-2026-8111
SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution...
CVE-2026-8111
CVE-2026-8111 describes an SQL injection in the web console of Ivanti Endpoint Manager prior to 2024 SU6. The vulnerability allows a remote authenticated attacker to achieve remote code execution via the web console, as indicated by the description and CVSS metrics (High, 8.8). Affected product: ...
CVE-2026-8111
SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution...
CVE-2026-8111
SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution...
BIT-PGBOUNCER-2026-6667 PgBouncer missing authorization check in KILL_CLIENT admin command
PgBouncer before 1.25.2 did not perform an appropriate authorization check for the KILLCLIENT admin command. All users with access to the administration console which itself requires authorization could run this command. It would have been correct to allow only users listed in the adminusers...
Malicious code in 88q (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb830829cae1605ff7626653a2470db03cd5a5aab98b3f0a7f5912eaf244561b The main entrypoint index.js runs an IIFE at require time that monkey-patches the global console.warn and console.error methods. After the override,...
MAL-2026-3676 Malicious code in 88q (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb830829cae1605ff7626653a2470db03cd5a5aab98b3f0a7f5912eaf244561b The main entrypoint index.js runs an IIFE at require time that monkey-patches the global console.warn and console.error methods. After the override,...
Malicious code in 66o (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3ba0e9f968d627812a2a4efbb8631d3400b6c19692c7668c8e511e2808aaa62 On require, index.js replaces the global console object with a Proxy index.js:36-73 that intercepts console.error/info/warn calls anywhere in the hos...
MAL-2026-3674 Malicious code in 66o (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3ba0e9f968d627812a2a4efbb8631d3400b6c19692c7668c8e511e2808aaa62 On require, index.js replaces the global console object with a Proxy index.js:36-73 that intercepts console.error/info/warn calls anywhere in the hos...
Malicious code in 6cc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4956159952af1b6af08b70ab219d7827988fae1fd82994f29090a1f2bf299094 index.js executes on require as an IIFE that reassigns console.warn/error and adds console.SL/FB/N to forward arguments via fetch to a hardcoded...
MAL-2026-3675 Malicious code in 6cc (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4956159952af1b6af08b70ab219d7827988fae1fd82994f29090a1f2bf299094 index.js executes on require as an IIFE that reassigns console.warn/error and adds console.SL/FB/N to forward arguments via fetch to a hardcoded...
Malicious code in 8q (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a10addd46910ba157e59c0c301c15ea56de73adb23c4d3422520b67876cdc0e The package's declared main entry router.js is an IIFE that runs the moment an installer's code executes require'8q' or import '8q'. On load it...
MAL-2026-3678 Malicious code in 8q (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a10addd46910ba157e59c0c301c15ea56de73adb23c4d3422520b67876cdc0e The package's declared main entry router.js is an IIFE that runs the moment an installer's code executes require'8q' or import '8q'. On load it...
MAL-2026-3671 Malicious code in 1co (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e09cc40cc6a0084f383fd0a359be04fa0d0e5aed50e9f4b78d8714868fc35ca4 The package's main entry index.js exports a console replacement whose.info method silently POSTs caller-provided arguments to a hardcoded Telegram...
Malicious code in 1co (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e09cc40cc6a0084f383fd0a359be04fa0d0e5aed50e9f4b78d8714868fc35ca4 The package's main entry index.js exports a console replacement whose.info method silently POSTs caller-provided arguments to a hardcoded Telegram...
Malicious code in 8oo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c949ba1ac1cd3a6c96d3f1fc8c32cdc64cb9474fa07dd6633ebf4f69073a495 The package's main entry index.js executes an IIFE at require time that loads 66o.js, which replaces the global console with a Proxy. Every intercept...
MAL-2026-3677 Malicious code in 8oo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8c949ba1ac1cd3a6c96d3f1fc8c32cdc64cb9474fa07dd6633ebf4f69073a495 The package's main entry index.js executes an IIFE at require time that loads 66o.js, which replaces the global console with a Proxy. Every intercept...
Malicious code in 11j (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9ad371791d84a3c28ca12b62bae45a07567847b7df025c93611f8f504a1c869 the analysis identified unambiguous malicious behavior in log.js the package main: an IIFE executes on require/import that monkey-patches...