219 matches found
MAL-2025-192616 Malicious code in @pluxee-design-system/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b95edac344588e8262b1cfdc979c7eb4585329df2ce47b7adc45f23930971e7b The package @pluxee-design-system/core was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview pluxee-design-system is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in pluxee-design-system (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 701f52cd229baaf8a44c372915a6bdbcc5510c156fb75c21d23c932d51ccde2f The package pluxee-design-system was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-200008
Malicious code in pluxee-design-system npm...
MAL-2025-191502 Malicious code in pluxee-design-system (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 701f52cd229baaf8a44c372915a6bdbcc5510c156fb75c21d23c932d51ccde2f The package pluxee-design-system was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191236 Malicious code in @ifings/design-system (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8a2d458b22985eaf37f768018a4359ed4e32182c1c21f0f204e440b8f37772f The package @ifings/design-system was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-199307
Malicious code in @ifings/design-system npm...
@antonyfaris/prefix-node-builtins (>=1.0.0 <=1.0.1), @anyauth/design-system (>=0.5.0 <=0.5.1) +18 more potentially affected by CVE-2025-64764 via astro (>=5.0.0-beta.5 <=5.15.6)
astro NPM version =5.0.0-beta.5, =1.0.0, =0.5.0, =0.0.1, =0.1.0, =0.0.1, =2.18.7, =0.1.2-alpha.1, =0.0.28, =0.0.28, =1.13.2, =0.1.8, =1.0.21, =1.0.22 and more Source cves: CVE-2025-64764 Source advisory: SNYK:JS-ASTRO-14059122...
CVE-2025-12082
Incorrect Authorization vulnerability in Drupal CivicTheme Design System allows Forceful Browsing.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...
CVE-2025-12083
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting XSS.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...
EUVD-2025-36873
Drupal CivicTheme Design System allows Cross-Site Scripting XSS...
GHSA-H72Q-CQ3W-H3WC Drupal CivicTheme Design System allows Cross-Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting XSS. This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...
Drupal CivicTheme Design System allows Cross-Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting XSS. This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...
EUVD-2025-36874
Drupal CivicTheme Design System allows Forceful Browsing...
GHSA-QXR9-F877-9842 Drupal CivicTheme Design System allows Forceful Browsing
Incorrect Authorization vulnerability in Drupal CivicTheme Design System allows Forceful Browsing. This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...
Drupal CivicTheme Design System allows Forceful Browsing
Incorrect Authorization vulnerability in Drupal CivicTheme Design System allows Forceful Browsing. This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...
CVE-2025-12082
Incorrect Authorization vulnerability in Drupal CivicTheme Design System allows Forceful Browsing.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...
CVE-2025-12083
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal CivicTheme Design System allows Cross-Site Scripting XSS.This issue affects CivicTheme Design System: from 0.0.0 before 1.12.0...
Drupal CivicTheme Design System 安全漏洞
Drupal CivicTheme Design System is a theme design plugin for the Drupal community. A security vulnerability exists in Drupal CivicTheme Design System versions prior to 1.12.0 that stems from improper authorization and could lead to a forced browsing attack...
Drupal CivicTheme Design System 安全漏洞
Drupal CivicTheme Design System is a theme design plugin for the Drupal community. A security vulnerability exists in Drupal CivicTheme Design System versions prior to 1.12.0, which stems from improper input neutralization during page generation and could lead to a cross-site scripting attack...