1622 matches found
MAL-2025-176 Malicious code in core-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ef412a8312b13b80beb12231488912f1488467e51c76b84f58deacd8e57488c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-23808
Cross-Site Request Forgery CSRF vulnerability in Dutch van Andel Custom List Table Example custom-list-table-example allows Reflected XSS.This issue affects Custom List Table Example: from n/a through = 1.4.1...
CVE-2025-23808
CVE-2025-23808 affects the WordPress plugin Custom List Table Example. The issue is described as CSRF leading to a reflected XSS, with a CVSS v3.1 base score of 7.1 (HIGH). Exploitation details, affected versions (from n/a through 1.4.1), and the reported status indicate this is a CSRF-to-reflect...
WordPress plugin Custom List Table Example 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site request forgery vulnerability exists in WordPress plugin Custom Li...
MAL-2025-87 Malicious code in example-app-next (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2be5a6457ed09a44d55d954a5176fe895a1cd866bf1ca6f3b6e20a105121f0ff Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in example-app-next (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2be5a6457ed09a44d55d954a5176fe895a1cd866bf1ca6f3b6e20a105121f0ff Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2025-4774 · Unknown · Next-Forge
Name of the Vulnerable Software and Affected Versions: next-forge affected versions not specified Description: The issue concerns a Next.js project boilerplate for modern web applications. A BASEHUB TOKEN is committed in the apps/web/.env.example file. Users are advised to avoid using this token...
[SECURITY] Fedora 40 Update: mupdf-1.24.6-2.fc40
MuPDF is a lightweight PDF viewer and toolkit written in portable C. The renderer in MuPDF is tailored for high quality anti-aliased graphics. MuPDF renders text with metrics and spacing accurate to within fractions of a pixel for the highest fidelity in reproducing the look of a printed page on...
Tsinghua Unigroup Archives Management System 安全漏洞
Tsinghua Unigroup Archives Management System is an electronic archives management system software from Tsinghua Unigroup China. A security vulnerability exists in Tsinghua Unigroup Archives Management System version 3.2.21080262532, which originates from a path traversal caused by the parameter...
Malicious code in byted-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 601d1b950741fa25c188fd49b91f64f95cd11170ccea1ac1e731ba8dee490ef6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11756 Malicious code in passport-openpass-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0761835d95103228401a69c1b951451a6a5698da0f7edec16514d5072d6b6051 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in passport-openpass-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0761835d95103228401a69c1b951451a6a5698da0f7edec16514d5072d6b6051 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @aws-sdk-examples/libs (npm)
--- -= Per source details. Do not edit below this line.=-...
Exploit for Deserialization of Untrusted Data in Alibaba Fastjson
CVE-2022-25845-In-Spring !Languagehttps://img.shields.io/b...
Cross-site Scripting (XSS)
Overview librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper sanitization of user input in device-overview.blade.php, used by the...
PT-2024-33668 · Librenms · Librenms +1
Name of the Vulnerable Software and Affected Versions: LibreNMS versions prior to 24.10.0 Description: The application fails to properly sanitize user input, allowing an attacker to execute malicious JavaScript code. This issue occurs when a user with an Admin role adds Notes to a device and the...
aglow (>=0.1.0rc3 <=0.1.0rc4), ai-flow (>=0.1.0 <=0.3.1) +5 more potentially affected by CVE-2024-50378 via apache-airflow (>=2.0.0 <=2.0.2)
apache-airflow PYPI version =2.0.0, =0.1.0rc3, =0.1.0, =0.3.12, =11.8.0, =13.7.0 - gps-building-blocks =1.2.2 - neuro-airflow-plugin =0.0.1 Source cves: CVE-2024-50378 Source advisory: SNYK:PYTHON-APACHEAIRFLOW-8366329...
Malicious code in dre-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 29592555095a1b8521f2ae36968975aec4436b3690547f7cf9348e330312957d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10482 Malicious code in dre-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 29592555095a1b8521f2ae36968975aec4436b3690547f7cf9348e330312957d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Leverage the Power of 45k, free, Hugging Face Models with Spring AI and Ollama
This blog post is co-authored by our great contributor Thomas Vitale. Ollama now supports all GGUF models from Hugging Face , allowing access to over 45,000 community-created models through Spring AI's Ollama integration, runnable locally. We'll explore using this new feature with Spring AI. The...