Malicious code in libhmac (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fccbd481dd2bd04274c5045995a08ddbcf302780c24f39eb63821d5d63a998d1 The PyPI name 'libhmac' matches the well-known libyal/libhmac C forensics library HMAC primitive, but the package contents have nothing to do with HM...

CVE-2024-58280

CMSimple 5.15 contains a remote command execution vulnerability that allows authenticated attackers to modify file extensions and upload malicious PHP files. Attackers can append ',php' to Extensionsuserfiles and upload a shell script to the media directory to execute arbitrary code on the server...

PT-2025-50529

Name of the Vulnerable Software and Affected Versions CMSimple version 5.15 Description An authenticated attacker can execute commands remotely on the server. This is possible by modifying file extensions and uploading malicious PHP files. Specifically, attackers can append ',php' to Extensions...

EUVD-2019-19187

Malware in sbrugna...

EUVD-2008-5503

Malware in sbrugna...

EUVD-2008-5508

Malware in sbrugna...

EUVD-2008-5507

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2017-5081

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed a...

CVE-2019-9825

FeiFeiCMS 4.1.190209 allows remote attackers to upload and execute arbitrary PHP code by visiting index.php?s=Admin-Index to modify the set of allowable file extensions, as demonstrated by adding php to the default jpg,gif,png,jpeg setting, and then using the "add article" feature...

CVE-2020-4928

IBM Cloud Pak System 2.3 could allow a local privileged attacker to upload arbitrary files. By intercepting the request and modifying the file extention, the attacker could execute arbitrary code on the server. IBM X-Force ID: 191705...

Code injection

Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files...

CVE-2017-5081

Removed by vendor...

CVE-2017-5081

Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for Mac, Windows, and Linux, and 59.0.3071.92 for Android, allowed an attacker with local write access to modify extensions by modifying extension files...