79 matches found
EUVD-2024-29717
Malicious code in bioql PyPI...
EUVD-2024-29715
Malicious code in bioql PyPI...
EUVD-2024-29713
Malicious code in bioql PyPI...
EUVD-2024-29710
Malicious code in bioql PyPI...
EUVD-2024-29714
Malicious code in bioql PyPI...
Malicious code in embrace-wonder-bfq696-project (npm)
The package embrace-wonder-bfq696-project was found to contain malicious code...
Malicious code in embrace-inspire-wln181-project (npm)
The package embrace-inspire-wln181-project was found to contain malicious code...
Malicious code in embrace-uplift-dzx803-project (npm)
The package embrace-uplift-dzx803-project was found to contain malicious code...
MAL-2025-19588 Malicious code in embrace-inspire-wln181-project (npm)
The package embrace-inspire-wln181-project was found to contain malicious code...
MAL-2025-19590 Malicious code in embrace-wonder-bfq696-project (npm)
The package embrace-wonder-bfq696-project was found to contain malicious code...
MAL-2025-19589 Malicious code in embrace-uplift-dzx803-project (npm)
The package embrace-uplift-dzx803-project was found to contain malicious code...
CVE-2024-31841
An issue was discovered in Italtel Embrace 1.6.4. The web server fails to sanitize input data, allowing remote unauthenticated attackers to read arbitrary files on the filesystem...
CVE-2024-31846
An issue was discovered in Italtel Embrace 1.6.4. The web application does not restrict or incorrectly restricts access to a resource from an unauthorized actor...
CVE-2024-31842
An issue was discovered in Italtel Embrace 1.6.4. The web application inserts the access token of an authenticated user inside GET requests. The query string for the URL could be saved in the browser's history, passed through Referers to other web sites, stored in web logs, or otherwise recorded ...
CVE-2024-31847
An issue was discovered in Italtel Embrace 1.6.4. A stored cross-site scripting XSS vulnerability allows authenticated and unauthenticated remote attackers to inject arbitrary web script or HTML into a GET parameter. This reflects/stores the user input without sanitization...
CVE-2024-31843
An issue was discovered in Italtel Embrace 1.6.4. The Web application does not properly check the parameters sent as input before they are processed on the server side. This allows authenticated users to execute commands on the Operating System...
CVE-2024-31845
An issue was discovered in Italtel Embrace 1.6.4. The product does not neutralize or incorrectly neutralizes output that is written to logs. The web application writes logs using a GET query string parameter. This parameter can be modified by an attacker, so that every action he performs is...
CVE-2024-31844
An issue was discovered in Italtel Embrace 1.6.4. The server does not properly handle application errors. In some cases, this leads to a disclosure of information about the server. An unauthenticated user is able craft specific requests in order to make the application generate an error. Inside a...
CVE-2024-31840
An issue was discovered in Italtel Embrace 1.6.4. The web application inserts cleartext passwords in the HTML source code. An authenticated user is able to edit the configuration of the email server. Once the user access the edit function, the web application fills the edit form with the current...
Malicious code in embrace-helloworld (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 27c1c70726566294b9958ec5ab9d3af0e2d5e1c3dc9451f07055c6b650bfbd50 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...