Malicious code in passport-openpass-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0761835d95103228401a69c1b951451a6a5698da0f7edec16514d5072d6b6051 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-11756 Malicious code in passport-openpass-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0761835d95103228401a69c1b951451a6a5698da0f7edec16514d5072d6b6051 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @aws-sdk-examples/libs (npm)

--- -= Per source details. Do not edit below this line.=-...

Exploit for Deserialization of Untrusted Data in Alibaba Fastjson

CVE-2022-25845-In-Spring !Languagehttps://img.shields.io/b...

Cross-site Scripting (XSS)

Overview librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper sanitization of user input in device-overview.blade.php, used by the...

PT-2024-33668 · Librenms · Librenms +1

Name of the Vulnerable Software and Affected Versions: LibreNMS versions prior to 24.10.0 Description: The application fails to properly sanitize user input, allowing an attacker to execute malicious JavaScript code. This issue occurs when a user with an Admin role adds Notes to a device and the...

aglow (>=0.1.0rc3 <=0.1.0rc4), ai-flow (>=0.1.0 <=0.3.1) +5 more potentially affected by CVE-2024-50378 via apache-airflow (>=2.0.0 <=2.0.2)

apache-airflow PYPI version =2.0.0, =0.1.0rc3, =0.1.0, =0.3.12, =11.8.0, =13.7.0 - gps-building-blocks =1.2.2 - neuro-airflow-plugin =0.0.1 Source cves: CVE-2024-50378 Source advisory: SNYK:PYTHON-APACHEAIRFLOW-8366329...

MAL-2024-10482 Malicious code in dre-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 29592555095a1b8521f2ae36968975aec4436b3690547f7cf9348e330312957d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in dre-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 29592555095a1b8521f2ae36968975aec4436b3690547f7cf9348e330312957d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Leverage the Power of 45k, free, Hugging Face Models with Spring AI and Ollama

This blog post is co-authored by our great contributor Thomas Vitale. Ollama now supports all GGUF models from Hugging Face , allowing access to over 45,000 community-created models through Spring AI's Ollama integration, runnable locally. We'll explore using this new feature with Spring AI. The...

MAL-2024-9427 Malicious code in omise-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bd9b3fdf30ee1fe797c8e5dae15567ab22d58f003ac1d570f2b6655af66dd5a8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in omise-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bd9b3fdf30ee1fe797c8e5dae15567ab22d58f003ac1d570f2b6655af66dd5a8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in isomorphic-random-example (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-9673 Malicious code in isomorphic-random-example (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in example-gtm (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-9607 Malicious code in example-gtm (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in braintree_express_example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d099bf20fe3b1d17efadfd0e185e8a178edf635e5754d26c3710e5b99c2a1404 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-43485

A flaw was found in dotnet. In System.Text.Json, applications that deserialize input to a model with an ExtensionData property can be vulnerable to an algorithmic complexity attack, resulting in a denial of service. Mitigation Red Hat has investigated whether a possible mitigation exists for this...

Exploit for Code Injection in Crushftp

EN GenCrushSSTIExploit is a PoC exploit tool targeting the...

Malicious code in arkose-vue2-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9008418a813522522804dfaf58f73128ae52ca85667b506962284ddbfc3141bf The OpenSSF Package Analysis project identified 'arkose-vue2-example' @ 1.0.0 npm as malicious. It is considered malicious because: - The packag...