51 matches found
Updated vim packages fix security vulnerabilities
Heap Buffer Overflow in spell file loading affects Vim 9.2.0450. CVE-2026-45130 Vimscript Code Injection in netrw NetrwMarkFile via crafted filename affects Vim 9.2.0480. CVE-2026-43961 Command Injection in tar.vim affects Vim 9.2.0479. CVE-2026-46483 Vimscript Code Injection in netrw...
MGASA-2026-0167 Updated vim packages fix security vulnerabilities
Heap Buffer Overflow in spell file loading affects Vim 9.2.0450. CVE-2026-45130 Vimscript Code Injection in netrw NetrwMarkFile via crafted filename affects Vim 9.2.0480. CVE-2026-43961 Command Injection in tar.vim affects Vim 9.2.0479. CVE-2026-46483 Vimscript Code Injection in netrw...
org.webjars.npm:bazel__typescript (=1.7.0), org.webjars.npm:cesium (>=1.96.0 <=1.137.0) +13 more potentially affected by CVE-2026-44290 via org.webjars.npm:protobufjs (>=6.11.3 <=8.0.0)
org.webjars.npm:protobufjs MAVEN version =6.11.3, =1.96.0, =1.0.0, =1.0.0, =10.13.0, =4.7.0, =0.3.35, =1.6.1, =0.5.2, =0.7.15 - org.webjars.npm:tiktok-live-connector =1.0.2 Source cves: CVE-2026-44290 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16643420...
org.webjars.npm:bazel__typescript (=1.7.0), org.webjars.npm:cesium (>=1.96.0 <=1.137.0) +13 more potentially affected by CVE-2026-44288 via org.webjars.npm:protobufjs (>=6.11.3 <=8.0.0)
org.webjars.npm:protobufjs MAVEN version =6.11.3, =1.96.0, =1.0.0, =1.0.0, =10.13.0, =4.7.0, =0.3.35, =1.6.1, =0.5.2, =0.7.15 - org.webjars.npm:tiktok-live-connector =1.0.2 Source cves: CVE-2026-44288 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16643235...
CVE-2018-1000144
A cross site scripting vulnerability exists in Jenkins Cucumber Living Documentation Plugin 1.0.12 and older in CukedoctorBaseActiondoDynamic that disables the Content-Security-Policy protection for archived artifacts and workspace files, allowing attackers able to control the content of these...
@dev-blinq/cucumber_client (>=1.0.5-amdocs <=1.0.1478-stage) potentially affected by unknown CVE via @dev-blinq/cucumber-js (>=1.0.1-amdocs <=1.0.131-dev)
@dev-blinq/cucumber-js NPM version =1.0.1-amdocs, =1.0.5-amdocs, =1.0.1478-stage Source cves: unknown CVE Source advisory: OSV:MAL-2025-191212...
MAL-2025-191212 Malicious code in @dev-blinq/cucumber-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d1132d88ae30e1bec8fa386e5fcc5d015e82a253136ad4122d98d8ab816e1d38 The package @dev-blinq/cucumber-js was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199502
Malicious code in @dev-blinq/cucumber-js npm...
Malicious code in @dev-blinq/cucumber_client (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db4a451970465311f6a1d2b9ac8b4713f2f4ff114aa37c12dd0daff6032c8ab6 The package @dev-blinq/cucumberclient was found to contain malicious code. Source: ghsa-malware...
@dev-blinq/cucumber_client (>=1.0.976-stage <=1.0.1137-dev) potentially affected by unknown CVE via @dev-blinq/cucumber_client (=1.0.1119-stage)
@dev-blinq/cucumberclient NPM version =1.0.1119-stage is affected by a known vulnerability. The following packages have a transitive dependency on @dev-blinq/cucumberclient and may be impacted: - @dev-blinq/cucumberclient =1.0.976-stage, =1.0.1137-dev Source cves: unknown CVE Source advisory:...
EUVD-2025-199324
Malicious code in @dev-blinq/cucumberclient npm...
@dev-blinq/ai-qa-logic (>=1.0.0 <=1.0.18), @dev-blinq/cucumber_client (>=0.0.1 <=1.0.1633-dev) potentially affected by unknown CVE via automation_model (>=1.0.1-amdocs <=1.0.894-dev)
automationmodel NPM version =1.0.1-amdocs, =1.0.0, =0.0.1, =1.0.1633-dev Source cves: unknown CVE Source advisory: OSV:MAL-2025-191066...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
EUVD-2025-77186
Malicious code in cucumber-notthedevs npm...
Malicious Package
Overview cucumber-js-cypress-cucumber is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
MAL-2025-48620 Malicious code in cucumber-js-cypress-cucumber (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 70db607bb8c970e11a45d9a570b2d97a6a3293ca89e4a789c6a8163b9ebf78cb Any computer that has this package installed or running should be considered...
Malicious code in cucumber-js-cypress-cucumber (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 70db607bb8c970e11a45d9a570b2d97a6a3293ca89e4a789c6a8163b9ebf78cb Any computer that has this package installed or running should be considered...
Malicious Package
Overview cucumber-js-browserstack is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious code in cucumber-js-browserstack (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c2f1891754984c705408dd02f9fb37660e1d4d84780ad4be25a83910d1eb789d Any computer that has this package installed or running should be considered...