366 matches found
CVE-2024-50307
Use of potentially dangerous function issue exists in Chatwork Desktop Application Windows versions prior to 2.9.2. If a user clicks a specially crafted link in the application, an arbitrary file may be downloaded from an external website and executed. As a result, arbitrary code may be executed ...
CVE-2024-47158
N-LINE 2.0.6 and prior versions contain a code injection vulnerability. If this vulnerability is exploited, arbitrary code may be executed on the instructor's browser, or the instructor may be directed to a malicious website...
Malicious code in atg-superagent-retry-delay (npm)
Source: ossf-package-analysis (75f0747e74a5e0a7d519918b8aceef9e8f4f9eaa0ad1854c1954276bb1c5166c). The OpenSSF Package Analysis project identified 'atg-superagent-retry-delay' @ 100.100.100 npm as malicious. It is considered malicious because:...
CVE-2024-48937
Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows XSS. JavaScript code in the short description of the SLA field in Activity Dialogues is executed...
CVE-2024-48937
Znuny has a cross-site scripting vulnerability (CVE-2024-48937) affecting Znuny before LTS 6.5.1–6.5.10 and 7.0.1–7.0.16, in which JavaScript in the short description of the SLA field in Activity Dialogues is executed. The underlying issue is an XSS in the SLA short description conte...
GHSA-255W-87RH-RG44 Cross-site Scripting via uploaded SVG
Sulu v2.0.0 through v2.6.4 are vulnerable to XSS: a low-privileged user with access to the “Media” section can upload an SVG file with a malicious payload. Once uploaded and accessed, the malicious JavaScript is executed in the browsers of the victims (other users, including admins)...
Malicious code in @the-c-company/common-utils (npm)
Source: ossf-package-analysis (e18cae6ce0c3de2fe7988c316471f5383433deaa0e8b9bf0376b69b634188218). The OpenSSF Package Analysis project identified '@the-c-company/common-utils' @ 1.0.0 npm as malicious. It is considered malicious because: - Th...
Calibre Python Code Injection (CVE-2024-6782)
This module exploits a Python code injection vulnerability in the Content Server component of Calibre v6.9.0 - v7.15.0. Once enabled (it is disabled by default), it will listen in its default configuration on all network interfaces on TCP port 8080 for incoming traffic, and does not require any...
Malicious code in lit-3 (npm)
Source: ghsa-malware (58fa9943fe7f3a2ad80c2d7ec817ab05718838e0aef345b7d44416f0f525cdc2). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in broadcast-podlet (npm)
Source: ossf-package-analysis (73de5f4ddc33163129934b982d533ce73fdfe00485428f486f3b8d2312de1537). The OpenSSF Package Analysis project identified 'broadcast-podlet' @ 2.0.0 npm as malicious. It is considered malicious because: - The package...
CVE-2024-39457
Cybozu Garoon 6.0.0 to 6.0.1 contains a cross-site scripting vulnerability in PDF preview. If this vulnerability is exploited, an arbitrary script may be executed on a logged-in user’s web browser...
Malicious code in marvinjs (npm)
Source: ossf-package-analysis (965b7b4455eec757889260ad7d11671ee747f1d78f5ccca323303d223f246c43). The OpenSSF Package Analysis project identified 'marvinjs' @ 5.5.6 npm as malicious. It is considered malicious because: - The package...
Malicious code in sap-categories (npm)
Source: ossf-package-analysis (8915969d8530822c50077e17c288da7a30eed3ba1ea7f59b925794f7057b9705). The OpenSSF Package Analysis project identified 'sap-categories' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in sap-call (npm)
Source: ossf-package-analysis (ae3c2c5f325fdd688ce4d11cc5817769bd0f903c9d0df96c60c00cd96feb4639). The OpenSSF Package Analysis project identified 'sap-call' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2024-7655 Malicious code in sap-callerid (npm)
Source: ossf-package-analysis (aaf954365d809a7ff5859e9f1797a1acb30ac55273ed61e83c468025645b7116). The OpenSSF Package Analysis project identified 'sap-callerid' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in sap-button (npm)
Source: ossf-package-analysis (2afad02c98c4f6eb4d6616501b94fa8d0e753c27bc44db56cbda21007caff4f8). The OpenSSF Package Analysis project identified 'sap-button' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2024-7629 Malicious code in sap-bodytext (npm)
Source: ossf-package-analysis (13ca72d7cf90b082471932dde2a189cf23531ac4f6682bccd09ef9e2ba536852). The OpenSSF Package Analysis project identified 'sap-bodytext' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in sap-box (npm)
Source: ossf-package-analysis (86709b300e2374d5bb16f8f492ae06e7d41fc92ca711bb29118742ea23c6acec). The OpenSSF Package Analysis project identified 'sap-box' @ 0.0.0 npm as malicious. It is considered malicious because: - The package communicat...