8655 matches found
EUVD-2025-122077
Malicious code in semantic-ui-fork-development-jest npm...
EUVD-2025-114472
Malicious code in development-ursa-upgrade-kaus npm...
EUVD-2025-116249
Malicious code in babel-development-jabbah-lacerta npm...
MAL-2025-143314 Malicious code in hermes-development-browserify-framework (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 603d2d8cb661d4bfb2a2f0cae3ab47d384a2ec9b7bd2980e68a0ee846b0d175c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-141625 Malicious code in development-mui-avior-halley (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 847441eefbf7f87609313b98589bff9e11ed701a7d8cef315a07e5b6dc2f7cb0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
PT-2025-46671
Name of the Vulnerable Software and Affected Versions CentralSquare Community Development version 19.5.7 Description A SQL Injection issue exists in CentralSquare Community Development 19.5.7. Attackers can inject SQL code through the permit no field. Recommendations Update to a newer version tha...
CVE-2025-64280
A SQL Injection Vulnerability in CentralSquare Community Development 19.5.7 allows attackers to inject SQL via the permitno field...
CVE-2025-59491
Cross Site Scripting vulnerability in CentralSquare Community Development 19.5.7 via form fields...
CVE-2025-64281
An Authentication Bypass issue in CentralSquare Community Development 19.5.7 allows attackers to access the admin panel without admin credentials...
CentralSquare Community Development 安全漏洞
CentralSquare Community Development is a public affairs department software system for local governments from CentralSquare USA. A security vulnerability exists in CentralSquare Community Development version 19.5.7 that originates from cross-site scripting in form fields...
CentralSquare Community Development 安全漏洞
CentralSquare Community Development is a public affairs department software system for local governments from CentralSquare USA. A security vulnerability exists in CentralSquare Community Development version 19.5.7, which stems from an authentication bypass that could result in unauthorized acces...
CVE-2025-59491
Cross Site Scripting vulnerability in CentralSquare Community Development 19.5.7 via form fields...
CVE-2025-64280
CVE-2025-64280 affects CentralSquare Community Development 19.5.7. The vulnerability is a SQL injection through the permit_no field caused by unfiltered input in the application, with CVSS v3.1 base score 9.8 (CRITICAL). The impact targets confidentiality, integrity, and availability. No exploita...
PT-2025-46668
Name of the Vulnerable Software and Affected Versions CentralSquare Community Development version 19.5.7 Description A Cross Site Scripting issue exists in CentralSquare Community Development. The issue is present in form fields, potentially allowing for malicious script injection. Recommendation...
CVE-2025-64280
A SQL Injection Vulnerability in CentralSquare Community Development 19.5.7 allows attackers to inject SQL via the permitno field...
CVE-2025-64281
CVE-2025-64281 describes an authentication bypass in CentralSquare Community Development version 19.5.7 that allows attackers to access the admin panel without admin credentials. The connected sources confirm the affected product and version, the issue is labeled as a high-impact vulnerability (C...
CentralSquare Community Development 安全漏洞
CentralSquare Community Development is a public affairs department software system for local governments from CentralSquare USA. A security vulnerability exists in CentralSquare Community Development version 19.5.7 that stems from unfiltered input in the permitno field, which could lead to an SQL...
EUVD-2025-93390
Adobe Pass versions 3.7.3 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read and write access. Exploitation of this issue requires user interaction in that a victim must install...
Malicious code in mjtagb-devapp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b567fe4fc4cda6d3126ad6ab4f7c81bdd872b51e52164c1eaeb33f9a175f2276 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-67673
Malicious code in putra-martabak47-apidev npm...