8655 matches found
EUVD-2025-179494
Malicious code in crust-mui-development-norma npm...
EUVD-2025-175776
Malicious code in uranology-development-nucleosynthesis-rimraf npm...
EUVD-2025-176499
Malicious code in schema-wasat-development-bellatrix npm...
Malicious code in darkenergy-config-pulsar-development (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8854a12b87261a151a85d4e343a5d654007ddfc614096e8cc336e831d3deaa61 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186575 Malicious code in development-dependencies-cybernetics-cryptography (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 394b529057f391623b292a4b60d7a51f780d22380dc2cdc5a4c2595970c8ba9a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CVE-2025-59491
Cross Site Scripting vulnerability in CentralSquare Community Development 19.5.7 via form fields...
CVE-2025-64280
A SQL Injection Vulnerability in CentralSquare Community Development 19.5.7 allows attackers to inject SQL via the permitno field...
CVE-2025-64281
An Authentication Bypass issue in CentralSquare Community Development 19.5.7 allows attackers to access the admin panel without admin credentials...
An In-Depth Systematic Analysis of the Security, Usability, and Automation Capabilities of Password Update Processes on Top-Ranked Websites
Password updates are a critical account security measure and an essential part of the password lifecycle. Service providers and common security recommendations advise users to update their passwords in response to incidents or as a critical cyber hygiene measure. However, password update processe...
Astro 跨站脚本漏洞
Astro is a web framework for content-driven websites in the Astro open source. A cross-site scripting vulnerability exists in Astro versions 5.2.0 through prior to 5.15.6, which stems from a reflective cross-site scripting vulnerability in the development server error page that could lead to the...
PT-2025-46907
Name of the Vulnerable Software and Affected Versions Astro versions 5.2.0 through 5.15.6 Description A Reflected Cross-Site Scripting XSS vulnerability exists in Astro’s development server error pages when the trailingSlash configuration option is used. An attacker can inject arbitrary JavaScrip...
EUVD-2025-131924
Cross Site Scripting vulnerability in CentralSquare Community Development 19.5.7 via form fields...
EUVD-2025-131927
A SQL Injection Vulnerability in CentralSquare Community Development 19.5.7 allows attackers to inject SQL via the permitno field...
EUVD-2025-131926
An Authentication Bypass issue in CentralSquare Community Development 19.5.7 allows attackers to access the admin panel without admin credentials...
EUVD-2025-131909
Sogexia Android App Compile Affected SDK v35, Max SDK 32 and fixed in v36, was discovered to contain hardcoded encryption keys in the encryptionhelper.dart file...
CVE-2025-59491
Cross Site Scripting vulnerability in CentralSquare Community Development 19.5.7 via form fields...
CVE-2025-59491
Cross Site Scripting vulnerability in CentralSquare Community Development 19.5.7 via form fields...
CVE-2025-64281
An Authentication Bypass issue in CentralSquare Community Development 19.5.7 allows attackers to access the admin panel without admin credentials...
CVE-2025-64281
An Authentication Bypass issue in CentralSquare Community Development 19.5.7 allows attackers to access the admin panel without admin credentials...
CVE-2025-64280
A SQL Injection Vulnerability in CentralSquare Community Development 19.5.7 allows attackers to inject SQL via the permitno field...