MAL-2025-35354 Malicious code in test-mlw2-floss-nopal (npm)

The package test-mlw2-floss-nopal was found to contain malicious code...

Malicious code in test-mlw2-floss-nopal (npm)

The package test-mlw2-floss-nopal was found to contain malicious code...

Product portals open: we want your input

SonarSource was born from open source software and most of what we do remains FLOSS, so openness and transparency have always been fundamental principles. With a recent change in how we approach product management, we've gone even further. We've recently opened up product portals on Productboard...

FLOSS - FireEye Labs Obfuscated String Solver (Automatically extract obfuscated strings from malware)

Rather than heavily protecting backdoors with hardcore packers, many malware authors evade heuristic detections by obfuscating only key portions of an executable. Often, these portions are strings and resources used to configure domains, files, and other artifacts of an infection. These key...

The Windows Malware Analysis Distribution: flare-vm

FLARE VM is a freely available and open sourced Windows-based security distribution designed for reverse engineers, malware analysts, incident responders, forensicators, and penetration testers. Inspired by open-source Linux-based security distributions like Kali Linux, REMnux and others, FLARE V...

Free Open Source Self Hosted VirusTotal: Malice

Free Open Source Self Hosted VirusTotal Malice’s mission is to be a free open source version of VirusTotal that anyone can use at any scale from an independent researcher to a fortune 500 company.’ Ubuntu Install: Install Go $ sudo add-apt-repository ppa:ubuntu-lxc/lxd-stable $ sudo apt-get updat...

Analyzing the Malware Analysts – Inside FireEye’s FLARE Team

At the Black Hat USA 2016 conference in Las Vegas last week, I was fortunate to sit down with Michael Sikorski, Director, FireEye Labs Advanced Reverse Engineering FLARE Team. During our conversation we discussed the origin of the FLARE team, what it takes to analyze malware, Michael’s book...

Analyzing the Malware Analysts – Inside FireEye’s FLARE Team

At the Black Hat USA 2016 conference in Las Vegas last week, I was fortunate to sit down with Michael Sikorski, Director, FireEye Labs Advanced Reverse Engineering FLARE Team. During our conversation we discussed the origin of the FLARE team, what it takes to analyze malware, Michael’s book...

TCExam <= 11.2.011 - Multiple SQL Injection Vulnerabilities

No description provided by source. TCExam =11.2.011 Multiple SQL Injection Vulnerabilities Vendor: Tecnik.com s.r.l. Product web page: http://www.tcexam.org Affected version: 11.2.009, 11.2.010 and 11.2.011 Summary: TCExam is a FLOSS system for electronic exams also know as CBA - Computer-Based...

TCExam 11.2.011 Cross Site Scripting

TCExam =11.2.011 Multiple Cross-Site Scripting Vulnerabilities Vendor: Tecnik.com s.r.l. Product web page: http://www.tcexam.org Affected version: 11.2.009, 11.2.010 and 11.2.011 Summary: TCExam is a FLOSS system for electronic exams also know as CBA - Computer-Based Assessment, CBT -...

TCExam 11.2.011 SQL Injection

TCExam =11.2.011 Multiple SQL Injection Vulnerabilities Vendor: Tecnik.com s.r.l. Product web page: http://www.tcexam.org Affected version: 11.2.009, 11.2.010 and 11.2.011 Summary: TCExam is a FLOSS system for electronic exams also know as CBA - Computer-Based Assessment, CBT - Computer-Based...

TCExam <=11.2.011 Multiple Cross-Site Scripting Vulnerabilities

Summary TCExam is a FLOSS system for electronic exams also know as CBA - Computer-Based Assessment, CBT - Computer-Based Testing or e-exam that enables educators and trainers to author, schedule, deliver, and report on quizzes, tests and exams. Description TCExam suffers from multiple pre and pos...

TCExam <=11.2.011 Multiple SQL Injection Vulnerabilities

Summary TCExam is a FLOSS system for electronic exams also know as CBA - Computer-Based Assessment, CBT - Computer-Based Testing or e-exam that enables educators and trainers to author, schedule, deliver, and report on quizzes, tests and exams. Description Input passed via multiple parameters to...

TCExam 11.2.011 - Multiple SQL Injections

TCExam =11.2.011 Multiple SQL Injection Vulnerabilities Vendor: Tecnik.com s.r.l. Product web page: http://www.tcexam.org Affected version: 11.2.009, 11.2.010 and 11.2.011 Summary: TCExam is a FLOSS system for electronic exams also know as CBA - Computer-Based Assessment, CBT - Computer-Based...