32 matches found
MAL-2026-4445 Malicious code in @signetai/signet-memory-openclaw (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b16e55a5379336a0ab822ee9fe70b20023e452595f41cfe2624464aadb73d390 On plugin load, register invokes installFetchSanitizer dist/index.js:14420-14463 which monkey-patches globalThis.fetch. For requests to...
Malicious code in @signetai/signet-memory-openclaw (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b16e55a5379336a0ab822ee9fe70b20023e452595f41cfe2624464aadb73d390 On plugin load, register invokes installFetchSanitizer dist/index.js:14420-14463 which monkey-patches globalThis.fetch. For requests to...
Improper Verification of Cryptographic Signature
Overview bsv-sdk is an A Ruby library for interacting with the BSV Blockchain — keys, scripts, transactions, and more. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the acquirecertificate function. An attacker can persist forged certificat...
EUVD-2022-30869
Malicious code in bioql PyPI...
EUVD-2022-3152
Malicious code in bioql PyPI...
CVE-2022-26308
Pandora FMS v7.0NG.760 and below allows an improper access control in Configuration Credential store where a user with the role of Operator Write could create, delete, view existing keys which are outside the intended role...
Improper access control
Pandora FMS v7.0NG.760 and below allows an improper access control in Configuration Credential store where a user with the role of Operator Write could create, delete, view existing keys which are outside the intended role...
CVE-2022-26308
Pandora FMS v7.0NG.760 and below allows an improper access control in Configuration Credential store where a user with the role of Operator Write could create, delete, view existing keys which are outside the intended role...
UBUNTU-CVE-2022-26308
Pandora FMS v7.0NG.760 and below allows an improper access control in Configuration Credential store where a user with the role of Operator Write could create, delete, view existing keys which are outside the intended role...
CVE-2022-26308 Improper Access Control in Configuration (Credential store)
Pandora FMS v7.0NG.760 and below allows an improper access control in Configuration Credential store where a user with the role of Operator Write could create, delete, view existing keys which are outside the intended role...
PT-2022-17776 · Unknown · Pandora Fms
Name of the Vulnerable Software and Affected Versions: Pandora FMS versions 7.0NG.760 and below Description: The issue allows an improper access control in Configuration Credential store where a user with the role of Operator Write could create, delete, view existing keys which are outside the...
Artica Pandora FMS 安全漏洞
Artica Pandora FMS is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. A security vulnerability exists in Artica Pandora FMS that stems from Pandora FMS v7.0NG.760 and lower allows incorrect...
Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop
The YARN NodeManager in Apache Hadoop 2.6.x before 2.6.5 and 2.7.x before 2.7.3 can leak the password for credential store provider used by the NodeManager to YARN Applications...
CVE-2022-26308
Pandora FMS v7.0NG.760 and below allows an improper access control in Configuration Credential store where a user with the role of Operator Write could create, delete, view existing keys which are outside the intended role...
Improper Access Control in Configuration (Credential store)
Description Pandora FMS v7.0NG.759 allows improper access control in Configuration Credential store where a user with the role of Operator Write could create, delete, view existing keys which are outside the intended role. Proof of Concept Affected endpoint: POST...
GHSA-MQ8P-H798-XCRP Exposure of Sensitive Information in Hadoop
The YARN NodeManager in Apache Hadoop 2.7.3 and 2.7.4 can leak the password for credential store provider used by the NodeManager to YARN Applications...
Code injection
In Lenovo xClarity Administrator versions earlier than 2.1.0, an attacker that gains access to the underlying LXCA file system user may be able to retrieve a credential store containing the service processor user names and passwords for servers previously managed by that LXCA instance, and...
CVE-2018-9065
In Lenovo xClarity Administrator versions earlier than 2.1.0, an attacker that gains access to the underlying LXCA file system user may be able to retrieve a credential store containing the service processor user names and passwords for servers previously managed by that LXCA instance, and...
CVE-2018-9065
In Lenovo xClarity Administrator versions earlier than 2.1.0, an attacker that gains access to the underlying LXCA file system user may be able to retrieve a credential store containing the service processor user names and passwords for servers previously managed by that LXCA instance, and...
CVE-2018-9065
In Lenovo xClarity Administrator versions earlier than 2.1.0, an attacker that gains access to the underlying LXCA file system user may be able to retrieve a credential store containing the service processor user names and passwords for servers previously managed by that LXCA instance, and...