616 matches found

vulnersOsv
added 2022/08/02 6:0 p.m. | 0 views

@newskit-render/auth (>=0.5.1 <=0.31.0), @newskit-render/core (>=0.57.0 <=1.40.0) +4 more potentially affected by CVE-2022-35924 via next-auth (>=0.0.0-manual.83c4ebd1 <=3.1.0)

next-auth NPM version =0.0.0-manual.83c4ebd1, =0.5.1, =0.57.0, =0.35.0, =1.1.0, =0.0.1, =0.0.5 Source cves: CVE-2022-35924 Source advisory: OSV:GHSA-XV97-C62V-4587...

CVSS 9.1 | AI score 7.2 | EPSS 0.0042
Exploits: 0
Apache Tomcat
added 2022/07/26 12:0 a.m. | 78 views

Fixed in Apache Tomcat 10.0.23

Low: Apache Tomcat XSS in examples web application CVE-2022-34305 The Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability. This was fixed with commit 1a7e95d9. This issue was reported to the Apache Tomcat Securit...

CVSS 6.1 | AI score 6.2 | EPSS 0.17371
Exploits: 0 | Affected Software: 1
GithubExploit
added 2022/07/20 10:52 p.m. | 932 views

Exploit for OS Command Injection in Apache Spark

CVE-2022-33891 Apache Spark Shell Command Injection Vulnerabil...

CVSS 8.8 | AI score 9.3 | EPSS 0.93513
Exploits: 12
vulnersOsv
added 2022/07/17 12:0 a.m. | 1 views

com.hindog.grid:grid-executor-examples_2.11 (>=1.1.0 <=2.0.1) potentially affected by CVE-2021-34538 via org.apache.hive:hive (=2.1.1)

org.apache.hive:hive MAVEN version =2.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.hive:hive and may be impacted: - com.hindog.grid:grid-executor-examples_2.11 =1.1.0, =2.0.1 Source cves: CVE-2021-34538 Source advisory:...

CVSS 7.5 | AI score 7.1 | EPSS 0.00451
Exploits: 1
Hacker One
added 2022/07/02 2:48 a.m. | 56 views

8x8: Public Apache Tomcat /examples example directory

@mrk0anti reported to us an exposed Apache Tomcat /examples example directory. The issue has been rectified, as we removed the directory from the host & restricted access...

AI score 1.6
Exploits: 0
Tenable Nessus
added 2022/06/27 12:0 a.m. | 35 views

Apache Tomcat 8.5.50 < 8.5.82 Cross-Site Scripting

The version of Apache Tomcat installed on the remote host is 8.5.50 to 8.5.81, 9.0.30 to 9.0.64, 10.0.0-M1 to 10.0.22 or 10.1.0-M1 to 10.1.0-M16. It is, therefore, affected by a Cross-Site Scripting (XSS) vulnerability. The Form authentication example in the examples web application displayed user...

CVSS 6.1 | AI score 6.3 | EPSS 0.17371
Exploits: 0 | References: 2
OSV
added 2022/06/24 12:0 a.m. | 0 views

GHSA-6J88-6WHG-X687 Cross-site Scripting in Apache Tomcat

In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability...

CVSS 6.1 | AI score 6.9 | EPSS 0.17371
Exploits: 0 | References: 5
OSV
added 2022/06/23 11:15 a.m. | 1 views

DEBIAN-CVE-2022-34305

In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability...

CVSS 6.1 | AI score 7.3 | EPSS 0.17371
Exploits: 0 | References: 1
ATTACKERKB
added 2022/06/23 11:15 a.m. | 1 views

CVE-2022-34305

In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability...

CVSS 6.1 | AI score 6.8 | EPSS 0.17371
Exploits: 0 | References: 6 | Affected Software: 1
UbuntuCve
added 2022/06/23 11:15 a.m. | 49 views

CVE-2022-34305

In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability...

CVSS 6.1 | AI score 6.9 | EPSS 0.17371
Exploits: 0 | References: 5
Prion
added 2022/06/23 11:15 a.m. | 34 views

Cross site scripting

In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability...

CVSS 4.3 | AI score 6.1 | EPSS 0.17371
Exploits: 0 | References: 4 | Affected Software: 1
Cvelist
added 2022/06/23 10:30 a.m. | 26 views

CVE-2022-34305 XSS in examples web application

In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability...

AI score 6.4 | EPSS 0.17371
Exploits: 0 | References: 4
Debian CVE
added 2022/06/23 10:30 a.m. | 59 views

CVE-2022-34305

In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability...

CVSS 6.1 | AI score 8 | EPSS 0.17371
Exploits: 0
Snyk
added 2022/06/23 9:25 a.m. | 2 views

Malicious Package

Overview influxdb-client-examples is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

CVSS 9.8 | AI score 7
Exploits: 0 | References: 3
Snyk
added 2022/06/23 9:24 a.m. | 4 views

Malicious Package

Overview handsontable-examples is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

CVSS 9.8 | AI score 7
Exploits: 0 | References: 3
Tenable Nessus
added 2022/06/23 12:0 a.m. | 1098 views

Apache Tomcat 9.0.30 < 9.0.65

The version of Tomcat installed on the remote host is prior to 9.0.65. It is, therefore, affected by a vulnerability as referenced in the fixedinapachetomcat9.0.65security-9 advisory. - In Apache Tomcat 10.1.0-M1 to 10.1.0-M16, 10.0.0-M1 to 10.0.22, 9.0.30 to 9.0.64 and 8.5.50 to 8.5.81 the Form...

CVSS 6.1 | AI score 7.4 | EPSS 0.17371
Exploits: 0 | References: 3
FreeBSD
added 2022/06/22 12:0 a.m. | 35 views

Tomcat -- XSS in examples web application

Apache Tomcat reports: The Form authentication example in the examples web application displayed user provided data without filtering, exposing a XSS vulnerability...

CVSS 6.1 | AI score 1.5 | EPSS 0.17371
Exploits: 0 | References: 1
Kitploit
added 2022/06/21 12:30 p.m. | 22 views

Msprobe - Finding All Things On-Prem Microsoft For Password Spraying And Enumeration

Finding all things on-prem Microsoft for password spraying and enumeration. The tool will use a list of common subdomains associated with your target apex domain to attempt to discover valid instances of on-prem Microsoft solutions. Screenshots of the tool in action are below: Installing Install...

AI score 7.3
Exploits: 0 | References: 6
OSSF Malicious Packages
added 2022/06/20 8:15 p.m. | 3 views

Malicious code in patreon-examples (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3b4c9c5b8c53ac331becc99f1d1b6de3dd3bcd03c7fee11e5d4a6684c32024b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0 | References: 1
OSV
added 2022/06/20 8:15 p.m. | 6 views

MAL-2022-5229 Malicious code in patreon-examples (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3b4c9c5b8c53ac331becc99f1d1b6de3dd3bcd03c7fee11e5d4a6684c32024b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0 | References: 1