GO-2025-4139 esm.sh CDN service has JS Template Literal Injection in CSS-to-JavaScript in github.com/esm-dev/esm.sh

esm.sh CDN service has JS Template Literal Injection in CSS-to-JavaScript in github.com/esm-dev/esm.sh...

SIGB PMB 安全漏洞

SIGB PMB is an open source integrated library management system from SIGB. A security vulnerability exists in SIGB PMB version v8.0.1.14, which stems from improper handling of the parameters id and datas in the component /opaccss/ajaxselector.php, which could lead to a SQL injection attack...

PT-2025-48069

Name of the Vulnerable Software and Affected Versions SIGB PMB version 8.0.1.14 Description The software contains multiple SQL injection flaws in the /opac css/ajax selector.php component. These flaws are triggered through the id and datas parameters. The component is susceptible to manipulation...

Fedora 43 : webkitgtk (2025-6f3e9e3af6)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-6f3e9e3af6 advisory. Prevent unsafe URI schemes from participating in media playback. Make jscvaluearraybuffergetdata function introspectable. Fix logging in to Google...

CVE-2025-61167

SIGB PMB v8.0.1.14 contains multiple SQL injection vulnerabilities in the /opac_css/ajax_selector.php component, exploitable via the id and datas parameters. Root cause: improper handling of user-supplied input in that endpoint allows SQL commands to be injected, potentially leading to unauthoriz...

Malicious code in ids-css (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 050d0a8d9340c416d7410787a1a7b2c5e6cec36eb17bacecca14a2cfbcbf76c5 The package ids-css was found to contain malicious code. Source: ghsa-malware 03812dbf5f0120164f355aae423e3fad2e899eb9164b4468f7fd91844d33b35e Any...

EUVD-2025-199146

Malicious code in ids-css npm...

MAL-2025-191106 Malicious code in ids-css (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 050d0a8d9340c416d7410787a1a7b2c5e6cec36eb17bacecca14a2cfbcbf76c5 The package ids-css was found to contain malicious code. Source: ghsa-malware 03812dbf5f0120164f355aae423e3fad2e899eb9164b4468f7fd91844d33b35e Any...

EUVD-2025-199185

Malicious code in barebones-css npm...

Malicious code in barebones-css (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a6b6723c24807a6fb2e90c2f5e0f7238e1a2c25e2602ab7f4ba4bb3d0f13efe The package barebones-css was found to contain malicious code. Source: ghsa-malware 32d179a02b1e407d2a71cf2912a7c87d6419900b71e13260889103a40736d0f6...

MAL-2025-191070 Malicious code in barebones-css (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a6b6723c24807a6fb2e90c2f5e0f7238e1a2c25e2602ab7f4ba4bb3d0f13efe The package barebones-css was found to contain malicious code. Source: ghsa-malware 32d179a02b1e407d2a71cf2912a7c87d6419900b71e13260889103a40736d0f6...

Malicious code in obj-to-css (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16c28013383e05a71d5da9d3d7c0d685a6355e42251a9527e769061e13ce54bb The package obj-to-css was found to contain malicious code. Source: ghsa-malware ada9fa1c509e4ac91c240ba95d3953b53291943071c42aa967d243bd17682078 Any...

EUVD-2025-199227

Malicious code in obj-to-css npm...

MAL-2025-191136 Malicious code in obj-to-css (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16c28013383e05a71d5da9d3d7c0d685a6355e42251a9527e769061e13ce54bb The package obj-to-css was found to contain malicious code. Source: ghsa-malware ada9fa1c509e4ac91c240ba95d3953b53291943071c42aa967d243bd17682078 Any...

EUVD-2025-199090

Malicious code in css-dedoupe npm...

Malicious code in css-dedoupe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7708f95527bfb987e5bf71ee911acffc550f40aff1b046d3249c9504c14fd52f The package css-dedoupe was found to contain malicious code. Source: ghsa-malware 9bad835f3386b87b3ce781849db6a96394982d6a092ee635c731d854493dd197 An...

MAL-2025-190953 Malicious code in css-dedoupe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7708f95527bfb987e5bf71ee911acffc550f40aff1b046d3249c9504c14fd52f The package css-dedoupe was found to contain malicious code. Source: ghsa-malware 9bad835f3386b87b3ce781849db6a96394982d6a092ee635c731d854493dd197 An...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...