7 matches found
EUVD-2025-55040
Malicious code in daily-green-hawk npm...
Malicious code in daily-green-hawk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4743d24a01477230ba6fcc7e5883b11236d12335f77de3fe807d66f886a7b4f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-67609 Malicious code in daily-green-hawk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4743d24a01477230ba6fcc7e5883b11236d12335f77de3fe807d66f886a7b4f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CVE-2014-7800
The Daily Green aka it.opentt.blog.dailygreen application 2014.07 dlygrn for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The Daily Green aka it.opentt.blog.dailygreen application 2014.07 dlygrn for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7800
The Daily Green aka it.opentt.blog.dailygreen application 2014.07 dlygrn for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7800
The CVE-2014-7800 entry concerns The Daily Green (Android app, 2014.07 dlygrn) that does not verify X.509 certificates when connecting to SSL servers. The root cause is missing TLS certificate validation, enabling man-in-the-middle attackers to spoof servers and potentially disclose sensitive inf...