Lucene search
K

20 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/29 4:53 p.m.7 views

Malicious code in @fed-sofia/jetify (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d52f83f746279f72c9c00fb264e4187de8c611e0d0dcd3d24ac98cfed4618f5d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/06/11 1:54 p.m.10 views

MAL-2026-5668 Malicious code in fed-callnative (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3971b7c0ac52c7cb668a8147d9774cb0f7a0b4e0bf04a59a6b55426f9c84fcf4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.5AI score
Exploits0References1
Snyk
Snyk
added 2026/06/11 1:54 p.m.6 views

Malicious Package

Overview fed-callnative is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 1:54 p.m.15 views

Malicious code in fed-callnative (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3971b7c0ac52c7cb668a8147d9774cb0f7a0b4e0bf04a59a6b55426f9c84fcf4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.5AI score
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/05/12 6:30 p.m.9 views

artificienlib (>=0.1.1 <=0.1.6), fed-rf-mk (>=0.0.5 <=1.0.0) potentially affected by CVE-2026-31220 via syft (>=0.2.9 <=0.9.5)

syft PYPI version =0.2.9, =0.1.1, =0.0.5, =1.0.0 Source cves: CVE-2026-31220 Source advisory: OSV:GHSA-CFPG-C974-JFHQ...

9.8CVSS5.8AI score0.00631EPSS
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-10012 Malicious code in @zalastax/nolb-_fed (npm)

The package @zalastax/nolb-fed was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in @zalastax/nolb-_fed (npm)

The package @zalastax/nolb-fed was found to contain malicious code...

7AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2023/06/21 12:0 a.m.10 views

MOVEit Vulnerability Breaches Targeted Fed Agencies

Jon Clay and Ed Cabrera talk about the MOVEit breaches and more in the video series TrendTalksBizSec...

7AI score
Exploits0
Veracode
Veracode
added 2022/12/14 3:21 a.m.21 views

Authentication Bypass

passport-wsfed-saml2 is vulnerable to authentication bypass. The vulnerability exists in the retrieveToken function of wsfederation.js due to a lack of proper validation when more than one assertion is inside a token response for WS-Fed, which allows an attacker to bypass WSFed authentication...

7.5CVSS7.4AI score0.00751EPSS
Exploits0References4Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 9:13 p.m.4 views

Malicious code in fed-challenge-starter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 225b081f29561b9d3a9e737de52432acb6d9d59794a1d05e2ec47e1d8d8721c8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/20 9:13 p.m.7 views

MAL-2022-2998 Malicious code in fed-challenge-starter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 225b081f29561b9d3a9e737de52432acb6d9d59794a1d05e2ec47e1d8d8721c8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:26 p.m.5 views

Malicious code in fed-cnr-pagelet (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware abff6acba0d7dfda3ce1407c7c9c994815e4463231fdf7d069691c3dc0e12c38 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Openbugbounty
Openbugbounty
added 2018/07/19 4:36 p.m.5 views

fed-net.fr XSS vulnerability

Open Bug Bounty ID: OBB-650375 Description| Value ---|--- Affected Website:| fed-net.fr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
Openbugbounty
Openbugbounty
added 2017/05/02 8:7 a.m.7 views

fed-net.be XSS vulnerability

Vulnerable URL: http://www.fed-net.be/index.php?page=2 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 31.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Check fed-net.be SSL...

6.3AI score
Exploits0
hackapp
hackapp
added 2016/04/01 10:20 a.m.11 views

Well-fed farm (for kids) - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Well-fed farm for kids published at the 'play' market has multiple vulnerabilities...

0.8AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 10:19 a.m.17 views

Well-fed farm 2. - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Well-fed farm 2. published at the 'play' market has multiple vulnerabilities...

0.4AI score
Exploits0References1Affected Software1
Cisco Threats
Cisco Threats
added 2013/11/12 2:35 p.m.12 views

Threat Outbreak Alert: Fake Tax Payment Failure Notification Email Messages on November 11, 2013

Medium Alert ID: 31722 First Published: 2013 November 12 14:35 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a tax payment failure notification for the recipient. The text in the email message attempts to convince the...

0.7AI score
Exploits0
Typo3
Typo3
added 2013/02/19 12:0 a.m.19 views

Several vulnerabilities in third party extensions

Several vulnerabilities have been found in the following third-party TYPO3 extensions: fed, myquizpoll, push2rss3ds, slideshare, wecdiscussion Release Date: February 19, 2013 Please read first: This Collective Security Bulletin CSB is a listing of vulnerable extensions with neither significant...

7.8AI score
Exploits0Affected Software5
Packet Storm
Packet Storm
added 2012/04/09 12:0 a.m.49 views

osCmax Shop CMS 2.5.1 Cross Site Scripting

Title: ====== osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities Date: ===== 2012-04-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=497 VL-ID: ===== 497 Introduction: ============= osCMax is a powerful e-commerce/shopping cart web application. There are many...

0.1AI score
Exploits0
xssed
xssed
added 2009/04/23 12:0 a.m.19 views

Unfixed XSS vulnerability at www.newyorkfed.org

Security researcher Pragmatk, has submitted on 23/04/2009 a cross-site-scripting XSS vulnerability affecting www.newyorkfed.org, which at the time of submission ranked 89553 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 13/12/2011. It is...

6.6AI score
Exploits0References1
Rows per page
Query Builder