29 matches found
Malicious code in @neon-i18n/core-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis dbdc5bd090d8e85771f77fa3a7a113e08fbfb31de54ae399ed92565bdac246df The OpenSSF Package Analysis project identified '@neon-i18n/core-ui' @ 99.99.99 npm as malicious. It is considered malicious because: - The...
MAL-2026-5027 Malicious code in @neon-i18n/core-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis dbdc5bd090d8e85771f77fa3a7a113e08fbfb31de54ae399ed92565bdac246df The OpenSSF Package Analysis project identified '@neon-i18n/core-ui' @ 99.99.99 npm as malicious. It is considered malicious because: - The...
Malicious code in @cbreone/core-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7e204888ba2b9573e474d804f28f51173684bb25f640615a9eaae217c5e1a45 The package @cbreone/core-ui was found to contain malicious code...
EUVD-2025-198288
Malicious code in identity-authn-core-ui npm...
MAL-2025-190586 Malicious code in identity-authn-core-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db734e79e178dd70b53bb814581620da1604a06da4967555160d7dfd0d14e0c5 The package identity-authn-core-ui was found to contain malicious code. Source: ossf-package-analysis...
CVE-2021-47698
Nagios XI versions prior to 5.8.7 using embedded Nagios Core are vulnerable to cross-site scripting XSS via the Core UI’s Views URL handling escapestring. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a...
CVE-2021-47698
Nagios XI versions prior to 5.8.7 using embedded Nagios Core are vulnerable to cross-site scripting XSS via the Core UI’s Views URL handling escapestring. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a...
CVE-2021-47698 Nagios XI < 5.8.7 XSS in Core UI Views URL handling
Nagios XI versions prior to 5.8.7 using embedded Nagios Core are vulnerable to cross-site scripting XSS via the Core UI’s Views URL handling escapestring. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a...
MAL-2025-48503 Malicious code in phlex-core-ui (npm)
The package phlex-core-ui was found to contain malicious code...
Malicious code in phlex-core-ui (npm)
The package phlex-core-ui was found to contain malicious code...
Malicious code in paychex-framework-core-ui (npm)
The package paychex-framework-core-ui was found to contain malicious code...
MAL-2025-28936 Malicious code in paychex-framework-core-ui (npm)
The package paychex-framework-core-ui was found to contain malicious code...
MAL-2025-14884 Malicious code in as-core-ui (npm)
The package as-core-ui was found to contain malicious code...
Malicious code in as-core-ui (npm)
The package as-core-ui was found to contain malicious code...
MAL-2025-5836 Malicious code in tw-core-ui (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware effb17ff1202bd8522ed8a37591dc22da8c39ed2554771c3566b2ac7d4e356f2 Any computer that has this package installed or running should be considered...
Malicious code in tw-core-ui (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware effb17ff1202bd8522ed8a37591dc22da8c39ed2554771c3566b2ac7d4e356f2 Any computer that has this package installed or running should be considered...
MAL-2024-11817 Malicious code in planweb-core-ui (npm)
This package contains code to download a second stage payload which establishes a C2 connection and persistence via registry keys. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware acc967a53ff92a71f6b9518c692bf641aa3595a3b65f28cc403b471c0474b175 Any computer that has...
Malicious code in planweb-core-ui (npm)
This package contains code to download a second stage payload which establishes a C2 connection and persistence via registry keys. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware acc967a53ff92a71f6b9518c692bf641aa3595a3b65f28cc403b471c0474b175 Any computer that has...
com.github.linyuzai:concept-router-spring-boot-starter (=1.1.0), org.webjars.npm:cacheable-request (=2.1.4) +5 more potentially affected by CVE-2022-25881 via org.webjars.npm:http-cache-semantics (=3.8.1)
org.webjars.npm:http-cache-semantics MAVEN version =3.8.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:http-cache-semantics and may be impacted: - com.github.linyuzai:concept-router-spring-boot-starter =1.1.0 -...
Malicious code in mns-core-ui-dev (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dfae95502688907056860c2af741673e1eeccd248dcc866c008b8458933304bc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...