Lucene search

1622 matches found

RedhatCVE
added 2025/05/22 3:18 p.m., 3 views

CVE-2020-20490

A heap buffer-overflow in the clientexample1.c component of libieciccpmod v1.5 leads to a denial of service DOS...

CVSS: 7.5, AI score: 6.8, EPSS: 0.0028
Exploits: 1

OSSF Malicious Packages
added 2025/05/22 12:46 p.m., 1 view

Malicious code in hypernova-simple-example (npm)

--- -= Per source details. Do not edit below this line.=-...

AI score: 7
Exploits: 0

OSV
added 2025/05/22 12:46 p.m., 1 view

MAL-2025-4182 Malicious code in hypernova-simple-example (npm)

--- -= Per source details. Do not edit below this line.=-...

AI score: 7.1
Exploits: 0

RedhatCVE
added 2025/05/22 8:33 a.m., 4 views

CVE-2019-17377

cPanel before 82.0.15 allows self XSS in LiveAPI example scripts SEC-524...

CVSS: 6.1, AI score: 6.1, EPSS: 0.00266
Exploits: 0, References: 1

RedhatCVE
added 2025/05/22 8:21 a.m., 2 views

CVE-2019-1010300

mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. The impact is: Software crash. The component is: serverexamplecomplexarray. The attack vector is: Send a specific MMS protocol packet...

CVSS: 7.5, AI score: 7, EPSS: 0.00297
Exploits: 1, References: 1

OSSF Malicious Packages
added 2025/05/18 10:20 p.m., 2 views

Malicious code in example-marko-webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 553d816403e5dd786bafbe39f79c521cc2e5bd1917b425aefd7d5f34c96400b6 The OpenSSF Package Analysis project identified 'example-marko-webpack' @ 100.0.2 npm as malicious. It is considered malicious because: - The...

AI score: 7.2
Exploits: 0

OSV
added 2025/05/18 10:20 p.m., 2 views

MAL-2025-3950 Malicious code in example-marko-webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 553d816403e5dd786bafbe39f79c521cc2e5bd1917b425aefd7d5f34c96400b6 The OpenSSF Package Analysis project identified 'example-marko-webpack' @ 100.0.2 npm as malicious. It is considered malicious because: - The...

AI score: 7.4
Exploits: 0

OSV
added 2025/05/16 2:10 p.m., 3 views

GHSA-QHR6-MGQR-MCHM Vyper's `concat()` builtin may elide side-effects for zero-length arguments

Impact concat may skip evaluation of side effects when the length of an argument is zero. this is due to a fastpath in the implementation which skips evaluation of argument expressions when their length is zero:...

CVSS: 6.3, AI score: 6.8, EPSS: 0.00142
Exploits: 0, References: 5

Snyk
added 2025/05/15 4:21 p.m., 1 view

Cross-site Scripting (XSS)

Overview label-studio is a Label Studio annotation tool Affected versions of this package are vulnerable to Cross-site Scripting XSS via the labelconfig parameter in labelstudio/projects/views.py. An attacker can execute arbitrary scripts in the context of the user's browser by sending malicious...

CVSS: 9.3, AI score: 5.6, EPSS: 0.00198
Exploits: 1, References: 2

OSSF Malicious Packages
added 2025/05/15 5:41 a.m., 2 views

Malicious code in guardian-advanced-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 13770fcd17968777cc4e0cab25b94ac990143f0e65b24dd910678e9b3f677539 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 6.9
Exploits: 0, References: 1

PyPA
added 2025/05/14 11:15 p.m., 4 views

PYSEC-2025-124

Label Studio is a multi-type data labeling and annotation tool. A vulnerability in versions prior to 1.18.0 allows an attacker to inject a malicious script into the context of a web page, which can lead to data theft, session hijacking, unauthorized actions on behalf of the user, and other attack...

CVSS: 7.6, AI score: 5.8, EPSS: 0.00198
Exploits: 1, References: 1, Affected Software: 1

OSV
added 2025/05/14 11:15 p.m., 2 views

PYSEC-2025-124

Label Studio is a multi-type data labeling and annotation tool. A vulnerability in versions prior to 1.18.0 allows an attacker to inject a malicious script into the context of a web page, which can lead to data theft, session hijacking, unauthorized actions on behalf of the user, and other attack...

CVSS: 6.1, AI score: 5.8, EPSS: 0.00198
Exploits: 1, References: 1

vulnersOsv
added 2025/05/14 12:31 p.m., 6 views

org.apache.iotdb:client-example (>=2.0.1-beta <=2.0.2-1), org.apache.iotdb:customize-mqtt-example (=2.0.1-beta) +8 more potentially affected by CVE-2025-26864 via org.apache.iotdb:node-commons (>=2.0.1-beta <=2.0.2-1)

org.apache.iotdb:node-commons MAVEN version =2.0.1-beta, =2.0.1-beta, =2.0.1-beta, =2.0.2-1 - org.apache.iotdb:iotdb-distribution =2.0.1-beta - org.apache.iotdb:iotdb-server =2.0.1-beta - org.apache.iotdb:pipe-count-point-processor-example =2.0.1-beta - org.apache.iotdb:trigger-example =2.0.1-bet...

CVSS: 7.5, AI score: 5.8, EPSS: 0.0049
Exploits: 0

Snyk
added 2025/05/14 7:46 a.m., 2 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the confKey parameter. An attacker can execute arbitrary scripts in the context of the victim's browser session by injecting a malicious payload into this parameter. Note: This is only exploitable if the...

CVSS: 7.6, AI score: 5.6, EPSS: 0.00172
Exploits: 1, References: 2

CNNVD
added 2025/05/14 12:0 a.m., 1 view

Label Studio cross-site scripting vulnerability

Label Studio is an open source data labeling tool from Heartex Open Source. It allows you to label data types such as audio, text, images, video, and time series using a straightforward UI and export to a variety of model formats. A cross-site scripting vulnerability exists in Label Studio versio...

CVSS: 7.6, AI score: 5.8, EPSS: 0.00198
Exploits: 1, References: 2

Vulnrichment
added 2025/05/08 7:27 p.m., 10 views

CVE-2025-46833 Programs/P73_SimplePythonEncryption.py has weak cryptographic key

Programs/P73_SimplePythonEncryption.py illustrates a simple Python encryption example using the RSA Algorithm. In versions prior to commit 6ce60b1, an attacker may be able to decrypt the data using brute force attacks and because of this the whole application can be impacted. This issue has been...

CVSS: 8.2, AI score: 7, EPSS: 0.00115
Exploits: 0, References: 2

GithubExploit
added 2025/05/08 4:59 a.m., 1318 views

Exploit for Out-of-bounds Write in Openprinting Cups

CUPS-Exploit Heap-based buffer overflow example based on C...

CVSS: 7, AI score: 7.7, EPSS: 0.00035
Exploits: 2

OSV
added 2025/05/07 8:12 a.m., 1 view

MAL-2025-3678 Malicious code in ascpc-npm-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7dfc46bf902782d78e5120173d965b16776b6f7d52ac27e8b6a05eb734290dce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 7
Exploits: 0, References: 1

OpenVAS
added 2025/05/07 12:0 a.m., 3 views

Ensure That Old Passwords Are Verified When Users Change Them

To prevent a third party from maliciously changing the password of another user, the old password must be verified when a user changes the password. According to the common practice in the industry, the old password does not need to be verified when the root user changes its own password. The roo...

AI score: 7
Exploits: 0, References: 3

OSV
added 2025/05/04 10:12 a.m., 8 views

MAL-2025-3597 Malicious code in msl-example-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0c52efb23287b19a22a63e448d5f7075ec0f2e9410801d21797a93a6caf6180b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 7.2
Exploits: 0, References: 1