Lucene search
K

30 matches found

GithubExploit
GithubExploit
added 2026/06/07 2:42 p.m.68 views

mcp-tool-poisoning-poc

mcp-tool-poisoning — Educational PoC Demonstrates the Too...

7.5CVSS5.5AI score0.22114EPSS
Exploits1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/25 1:57 p.m.11 views

Malicious code in tempo-shared-modules (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc05637e4f67c7a00ac3b790680f46174243df9c2740a161a029d4b266a79839 On npm install, the preinstall script poc.js collects host identity hostname, username, OS/platform, network configuration ipconfig / ip a /...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/20 3:57 a.m.14 views

Malicious code in @pluxee-connect/api-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f5056dda18e9a9f440db7379d09fa1f9f7ff087ac00d6684170cddd40c240e9 On npm install, postinstall.js collects os.hostname, os.userInfo, and process.version and transmits them over plain HTTP to...

5.8AI score
Exploits0References2
GithubExploit
GithubExploit
added 2026/04/10 3:52 a.m.140 views

Exploit for CVE-2026-5530

CVE-2026-5530 Ollama SSRF via OCI registry redirect with full...

6.5CVSS6.6AI score0.00288EPSS
Exploits2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/06 1:12 p.m.9 views

Malicious code in python-requirements (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 40fa77c47c3649fce85f601f8aa10bf13674e5db4a2d35f125cb48b77d65f99d The package clones a legitimate webdavclient3 library and modifies it to be an installer utility. During installation, the package exfiltrates the current...

5.8AI score
Exploits0References5
OSV
OSV
added 2025/07/03 3:6 p.m.2 views

MAL-2025-5810 Malicious code in dns-exfil-poc (npm)

The package communicates with a domain associated with malicious activity...

7.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 6:24 a.m.7 views

CVE-2024-29384

An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information via the content.js and parseCSSRules functions...

7.5CVSS6.5AI score0.00757EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:24 a.m.6 views

CVE-2024-33436

An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information due to missing support for CSS variables...

5.3CVSS6.5AI score0.00551EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:24 a.m.5 views

CVE-2024-33437

An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information due to missing support for CSS Style Rules...

7.5CVSS6.5AI score0.00757EPSS
Exploits1References1
NVD
NVD
added 2024/04/30 8:15 p.m.15 views

CVE-2024-33437

An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information due to missing support for CSS Style Rules...

7.5CVSS6.1AI score0.00757EPSS
Exploits1References2
OSV
OSV
added 2024/04/30 8:15 p.m.6 views

CVE-2024-33436

An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information due to missing support for CSS variables...

5.3CVSS5.8AI score0.00551EPSS
Exploits1References2
NVD
NVD
added 2024/04/30 8:15 p.m.15 views

CVE-2024-33436

An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information due to missing support for CSS variables...

5.3CVSS6.1AI score0.00551EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/04/30 12:0 a.m.6 views

PT-2024-22873 · Unknown · Css Exfil Protection

Name of the Vulnerable Software and Affected Versions: CSS Exfil Protection version 1.1.0 Description: An issue in CSS Exfil Protection allows a remote attacker to obtain sensitive information via the content.js and parseCSSRules functions. Recommendations: For CSS Exfil Protection version 1.1.0,...

7.5CVSS6.1AI score0.00757EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2024/04/30 12:0 a.m.7 views

CVE-2024-29384

An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information via the content.js and parseCSSRules functions...

6.4AI score0.00757EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/04/30 12:0 a.m.25 views

CVE-2024-29384

An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information via the content.js and parseCSSRules functions...

6.3AI score0.00757EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/04/30 12:0 a.m.13 views

CVE-2024-33436

An issue in CSS Exfil Protection v.1.1.0 allows a remote attacker to obtain sensitive information due to missing support for CSS variables...

6.5AI score0.00551EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/04/30 12:0 a.m.3 views

PT-2024-25258 · Unknown · Css Exfil Protection

Name of the Vulnerable Software and Affected Versions: CSS Exfil Protection version 1.1.0 Description: An issue in CSS Exfil Protection allows a remote attacker to obtain sensitive information due to missing support for CSS Style Rules. Recommendations: For CSS Exfil Protection version 1.1.0, at...

7.5CVSS6AI score0.00757EPSS
Exploits1References7
CVE
CVE
added 2024/04/30 12:0 a.m.58 views

CVE-2024-29384

CVE-2024-29384 affects CSS Exfil Protection v1.1.0. The vulnerability resides in the functions content.js and parseCSSRules , enabling a remote attacker to obtain sensitive information. The NVD entry lists CVSSv3.1: 7.5 (High) with NETWORK attack vector, no privileges required, no user interactio...

7.5CVSS6.3AI score0.00757EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2024/04/30 12:0 a.m.48 views

CVE-2024-33437

CV E-2024-33437 concerns CSS Exfil Protection v1.1.0, where a missing support for CSS Style Rules enables a remote attacker to obtain sensitive information. The vulnerability is documented across multiple sources (NVD, Red Hat, CVE listings, CNNVD, PT-Security) with a CVSSv3.1 base score of 7.5 (...

7.5CVSS6.3AI score0.00757EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2024/04/30 12:0 a.m.52 views

CVE-2024-33436

CVE-2024-33436 affects CSS Exfil Protection v1.1.0. All connected sources describe an issue where missing support for CSS variables enables a remote attacker to obtain sensitive information. The vulnerability is documented across NVD, Red Hat, CNNVD, CVE.org, and related feeds. Technical specific...

5.3CVSS6.3AI score0.00551EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder