10 matches found
EUVD-2024-3233
Malicious code in bioql PyPI...
Malicious code in heft-example-plugin-02 (npm)
Source: ossf-package-analysis 6f52fccc098ff9fe7c2f46b5653ed058f4f080380c5de5ab9943c413c30f1ee8 The OpenSSF Package Analysis project identified 'heft-example-plugin-02' @ 99.0.9 npm as malicious. It is considered malicious because: - The...
MAL-2025-41292 Malicious code in heft-example-plugin-02 (npm)
Source: ossf-package-analysis 6f52fccc098ff9fe7c2f46b5653ed058f4f080380c5de5ab9943c413c30f1ee8 The OpenSSF Package Analysis project identified 'heft-example-plugin-02' @ 99.0.9 npm as malicious. It is considered malicious because: - The...
Malicious code in heft-example-plugin-01 (npm)
Source: ossf-package-analysis 38de8533a1fa4ae454f1c4c690239b429820ddf54aa69925be16c418d54f6a2b The OpenSSF Package Analysis project identified 'heft-example-plugin-01' @ 99.0.9 npm as malicious. It is considered malicious because: - The...
MAL-2025-41291 Malicious code in heft-example-plugin-01 (npm)
Source: ossf-package-analysis 38de8533a1fa4ae454f1c4c690239b429820ddf54aa69925be16c418d54f6a2b The OpenSSF Package Analysis project identified 'heft-example-plugin-01' @ 99.0.9 npm as malicious. It is considered malicious because: - The...
MAL-2025-41290 Malicious code in heft-example-lifecycle-plugin (npm)
Source: ossf-package-analysis fce75dcff1360927b5ed18017c2b53424afe03e0c1f53f13505883d9fe23fd55 The OpenSSF Package Analysis project identified 'heft-example-lifecycle-plugin' @ 99.0.9 npm as malicious. It is considered malicious because: -...
MAL-2025-5286 Malicious code in rush-mcp-example-plugin (npm)
Source: ghsa-malware a4593979eeb7174aea0989af27a63ee606786e382185ca406a15e9d4368c687b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Cross-site Scripting (XSS)
Overview: librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper sanitization of user input in device-overview.blade.php, used by the...
PT-2024-33668 · Librenms · Librenms +1
Name of the Vulnerable Software and Affected Versions: LibreNMS versions prior to 24.10.0 Description: The application fails to properly sanitize user input, allowing an attacker to execute malicious JavaScript code. This issue occurs when a user with an Admin role adds Notes to a device and the...
Malicious code in app-next-example-plugin (npm)
Source: ossf-package-analysis 8ca79ef64add6f7047e7d406bfa4128511f415f4e21c16722d1da3c6d4d14721 The OpenSSF Package Analysis project identified 'app-next-example-plugin' @ 3.3.3 npm as malicious. It is considered malicious because: - The...