613 matches found
Malicious code in bodega-sdk (npm)
flow/surf-lending DeFi cred-exfil campaign sibling c1655. preinstall node index.js || true exfils env secrets to raw C2 2.25.140.71:8443/surflending/npm-confusion verified identical. No-renotify. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...
CLEANSTART-2026-BM78291 Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU
Multiple security vulnerabilities affect the dex package. Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU. See references for individual vulnerability details...
CLEANSTART-2026-SQ76279 Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU
Multiple security vulnerabilities affect the dex package. Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU. See references for individual vulnerability details...
CVE-2020-28852 vulnerabilities
Vulnerabilities for packages: dex-k8s-authenticator...
GHSA-5RVP-Q2J7-H9RJ vulnerabilities
Vulnerabilities for packages: dex-k8s-authenticator...
CVE-2026-21006
Improper access control in Samsung DeX prior to SMR Apr-2026 Release 1 allows physical attackers to access to hidden notification contents...
CVE-2026-2695
A command injection vulnerability was discovered in TeamViewer DEX Platform On-Premises former 1E DEX Platform On-Premises prior to version 9.2. Improper input validation allows authenticated users with at least questioner privileges to inject commands in specific instructions. Exploitation could...
CVE-2026-8381
A broken access control vulnerability exists in the TeamViewer DEX Platform On‑Premises prior version 9.2. Certain backend API endpoints do not correctly enforce authorization checks, allowing an authenticated user with low privileges to perform actions and access resources intended only for...
Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.20.4 security update
Important: Red Hat OpenShift GitOps v1.20.4 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8784 Service-CA annotation removed from argocd-server Service during v1.12.3 - v1.12.4 upgrade path, persists in later versions GITOPS-9549...
CVE-2026-8381
A broken access control vulnerability exists in the TeamViewer DEX Platform On‑Premises prior version 9.2. Certain backend API endpoints do not correctly enforce authorization checks, allowing an authenticated user with low privileges to perform actions and access resources intended only for...
CVE-2026-8381 Broken Access Control in TeamViewer DEX Platform (On Premises)
A broken access control vulnerability exists in the TeamViewer DEX Platform On‑Premises prior version 9.2. Certain backend API endpoints do not correctly enforce authorization checks, allowing an authenticated user with low privileges to perform actions and access resources intended only for...
CVE-2026-8381 Broken Access Control in TeamViewer DEX Platform (On Premises)
A broken access control vulnerability exists in the TeamViewer DEX Platform On‑Premises prior version 9.2. Certain backend API endpoints do not correctly enforce authorization checks, allowing an authenticated user with low privileges to perform actions and access resources intended only for...
CVE-2026-8381
A broken access control vulnerability exists in the TeamViewer DEX Platform On‑Premises prior version 9.2. Certain backend API endpoints do not correctly enforce authorization checks, allowing an authenticated user with low privileges to perform actions and access resources intended only for...
EUVD-2026-31420
A broken access control vulnerability exists in the TeamViewer DEX Platform On‑Premises prior version 9.2. Certain backend API endpoints do not correctly enforce authorization checks, allowing an authenticated user with low privileges to perform actions and access resources intended only for...
PT-2026-42736
A broken access control vulnerability exists in the TeamViewer DEX Platform On‑Premises prior version 9.2. Certain backend API endpoints do not correctly enforce authorization checks, allowing an authenticated user with low privileges to perform actions and access resources intended only for...
TeamViewer DEX Platform On-Premises 安全漏洞
The TeamViewer DEX Platform On-Premises is a locally deployed digital employee experience management platform by the German company TeamViewer. Prior to version 9.2 of the TeamViewer DEX Platform On-Premises, there were security vulnerabilities. These vulnerabilities stemmed from incorrect...
EUVD-2026-30056
A command injection vulnerability was discovered in TeamViewer DEX Platform On-Premises former 1E DEX Platform On-Premises prior to version 9.2. Improper input validation allows authenticated users with at least questioner privileges to inject commands in specific instructions. Exploitation could...
CVE-2026-2695
A command injection vulnerability was discovered in TeamViewer DEX Platform On-Premises former 1E DEX Platform On-Premises prior to version 9.2. Improper input validation allows authenticated users with at least questioner privileges to inject commands in specific instructions. Exploitation could...
CVE-2026-2695
A command injection vulnerability was discovered in TeamViewer DEX Platform On-Premises former 1E DEX Platform On-Premises prior to version 9.2. Improper input validation allows authenticated users with at least questioner privileges to inject commands in specific instructions. Exploitation could...
CVE-2026-2695 Lack of Server-side validation in Instruction Input in TeamViewer DEX Platform (On-Premises)
A command injection vulnerability was discovered in TeamViewer DEX Platform On-Premises former 1E DEX Platform On-Premises prior to version 9.2. Improper input validation allows authenticated users with at least questioner privileges to inject commands in specific instructions. Exploitation could...