20 matches found
Malicious code in @fed-sofia/jetify (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d52f83f746279f72c9c00fb264e4187de8c611e0d0dcd3d24ac98cfed4618f5d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-5668 Malicious code in fed-callnative (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3971b7c0ac52c7cb668a8147d9774cb0f7a0b4e0bf04a59a6b55426f9c84fcf4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview fed-callnative is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in fed-callnative (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3971b7c0ac52c7cb668a8147d9774cb0f7a0b4e0bf04a59a6b55426f9c84fcf4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
artificienlib (>=0.1.1 <=0.1.6), fed-rf-mk (>=0.0.5 <=1.0.0) potentially affected by CVE-2026-31220 via syft (>=0.2.9 <=0.9.5)
syft PYPI version =0.2.9, =0.1.1, =0.0.5, =1.0.0 Source cves: CVE-2026-31220 Source advisory: OSV:GHSA-CFPG-C974-JFHQ...
MAL-2025-10012 Malicious code in @zalastax/nolb-_fed (npm)
The package @zalastax/nolb-fed was found to contain malicious code...
Malicious code in @zalastax/nolb-_fed (npm)
The package @zalastax/nolb-fed was found to contain malicious code...
MOVEit Vulnerability Breaches Targeted Fed Agencies
Jon Clay and Ed Cabrera talk about the MOVEit breaches and more in the video series TrendTalksBizSec...
Authentication Bypass
passport-wsfed-saml2 is vulnerable to authentication bypass. The vulnerability exists in the retrieveToken function of wsfederation.js due to a lack of proper validation when more than one assertion is inside a token response for WS-Fed, which allows an attacker to bypass WSFed authentication...
Malicious code in fed-challenge-starter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 225b081f29561b9d3a9e737de52432acb6d9d59794a1d05e2ec47e1d8d8721c8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-2998 Malicious code in fed-challenge-starter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 225b081f29561b9d3a9e737de52432acb6d9d59794a1d05e2ec47e1d8d8721c8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in fed-cnr-pagelet (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware abff6acba0d7dfda3ce1407c7c9c994815e4463231fdf7d069691c3dc0e12c38 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
fed-net.fr XSS vulnerability
Open Bug Bounty ID: OBB-650375 Description| Value ---|--- Affected Website:| fed-net.fr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
fed-net.be XSS vulnerability
Vulnerable URL: http://www.fed-net.be/index.php?page=2 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check fed-net.be SSL...
Well-fed farm (for kids) - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Well-fed farm for kids published at the 'play' market has multiple vulnerabilities...
Well-fed farm 2. - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Well-fed farm 2. published at the 'play' market has multiple vulnerabilities...
Threat Outbreak Alert: Fake Tax Payment Failure Notification Email Messages on November 11, 2013
Medium Alert ID: 31722 First Published: 2013 November 12 14:35 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a tax payment failure notification for the recipient. The text in the email message attempts to convince the...
Several vulnerabilities in third party extensions
Several vulnerabilities have been found in the following third-party TYPO3 extensions: fed, myquizpoll, push2rss3ds, slideshare, wecdiscussion Release Date: February 19, 2013 Please read first: This Collective Security Bulletin CSB is a listing of vulnerable extensions with neither significant...
osCmax Shop CMS 2.5.1 Cross Site Scripting
Title: ====== osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities Date: ===== 2012-04-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=497 VL-ID: ===== 497 Introduction: ============= osCMax is a powerful e-commerce/shopping cart web application. There are many...
Unfixed XSS vulnerability at www.newyorkfed.org
Security researcher Pragmatk, has submitted on 23/04/2009 a cross-site-scripting XSS vulnerability affecting www.newyorkfed.org, which at the time of submission ranked 89553 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/12/2011. It is...