4 matches found
MAL-2026-6337 Malicious code in hunsterx-package (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32f2430d6e0da9484283d0012a16df0c593ccb5fa2a56ea727bd19ba435f964f preinstall.js executes a chain of evalBuffer.from'','base64'.toString payloads at npm install time. The decoded payloads collect host identity...
Malicious code in walmart-shared-modules (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e6bfb508fa412e49b249eaf5529f175ebb14f0e7d9fe19a119e8cc9acf25505a Package declares preinstall: node poc.js, which on npm install collects host identity os.hostname, whoami/id, ipconfig/ip a output, scrapes environme...
AD Manager Plus 7122 Remote Code Execution
Exploit Title: AD Manager Plus 7122 - Remote Code Execution RCE Exploit Author: Chan Nyein Wai & Thura Moe Myint Vendor Homepage: https://www.manageengine.com/products/ad-manager/ Software Link: https://www.manageengine.com/products/ad-manager/download.html Version: Ad Manager Plus Before 7122...
Exploit for Deserialization of Untrusted Data in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
PoC exploit for CVE-2021-44228, a vulnerability in the Log4j Java library. The target product/service is Log4j, a Java logging library, and the vulnerability class/vector is a Remote Code Execution RCE vulnerability. The probable entry point is the "sendDetectionRequest" function in the...