CVE-2026-32281 vulnerabilities

Vulnerabilities for packages: secrets-store-csi-driver-provider-aws, kubernetes-csi-external-snapshotter, infinispan-operator, kubernetes-dashboard-metrics-scraper, eksctl, mc, flux-operator, kserve-modelmesh-serving, newrelic-nri-statsd, gatekeeper, kubeflow-katib, sftpgo,...

MAL-2025-120211 Malicious code in gastric_crocodile_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79281c5a6a3bc84e3ab2ba3ca876638df8f9f82573cb9b1d0a1333431f2ec264 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2023-2524

Malicious code in bioql PyPI...

EUVD-2023-2400

Malicious code in bioql PyPI...

EUVD-2023-2567

Malicious code in bioql PyPI...

EUVD-2023-2457

Malicious code in bioql PyPI...

EUVD-2023-2458

Malicious code in bioql PyPI...

CVE-2023-43616 vulnerabilities

Vulnerabilities for packages: croc...

GHSA-8C8W-F7WP-2JR2 vulnerabilities

Vulnerabilities for packages: croc...

CVE-2023-43616 vulnerabilities

Vulnerabilities for packages: croc...

GHSA-8C8W-F7WP-2JR2 vulnerabilities

Vulnerabilities for packages: croc...

Fedora: Security Advisory (FEDORA-2023-4c1050f439)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GO-2023-2073 Croc sender may send dangerous new files to receiver in github.com/schollz/croc

Croc sender may send dangerous new files to receiver in github.com/schollz/croc...

GO-2023-2071 Sender can cause a receiver to overwrite files during ZIP extraction in Croc in github.com/schollz/croc

Sender can cause a receiver to overwrite files during ZIP extraction in Croc in github.com/schollz/croc...

GO-2023-2070 Croc requires senders to provide local IP addresses in cleartext in github.com/schollz/croc

Croc requires senders to provide local IP addresses in cleartext in github.com/schollz/croc...

GO-2023-2068 Croc sender may place ANSI or CSI escape sequences in filename to attach receiver's terminal device in github.com/schollz/croc

Croc sender may place ANSI or CSI escape sequences in filename to attach receiver's terminal device in github.com/schollz/croc...

GO-2023-2069 Croc may expose secret to local users in github.com/schollz/croc

Croc may expose secret to local users in github.com/schollz/croc...

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: trivy, caddy, fulcio, http-echo, kube-bench, opa, kube-state-metrics, git-lfs, prometheus-beat-exporter-fips, snyk-cli, metacontroller, ko-fips, newrelic-nri-statsd, external-secrets-fips, cadvisor, sonobuoy, vertical-pod-autoscaler-fips, prometheus-pushgateway,...

Fedora 39 : golang-github-schollz-croc (2023-4c1050f439)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-4c1050f439 advisory. Automatic update for golang-github-schollz-croc-9.6.4-1.fc39. Changelog Fri May 19 2023 Mikel Olasagasti Uranga - 9.6.4-1 - Update to 9.6.4 - Closes...

Sensitive Information Exposure

github.com/schollz/croc is vulnerable to Sensitive Information Exposure. The vulnerability is due to the way croc uses the leading three characters of a shared secret to select a common "room name". When custom shared secrets are used, the leading three characters might give away information abou...