EUVD-2023-1414

Malicious code in bioql PyPI...

Malicious code in @zalastax/nolb-_hyper_fun_fluentui-icon-h (npm)

The package @zalastax/nolb-hyperfunfluentui-icon-h was found to contain malicious code...

Cross-site Scripting (XSS)

Overview @fluentui/react-charts is a React web chart controls for Microsoft fluentui v9 system. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the unsecured SVG attribute spreading in the CartesianChart, Legend Shape renderer, and LineChart event annotation Textb...

BIT-FLUENTD-2020-21514

An issue was discovered in Fluent-ui v.1.2.2 allows attackers to gain escalated privileges and execute arbitrary code due to a default password...

Raven - CI/CD Security Analyzer

RAVEN Risk Analysis andVulnerability Enumeration for CI/CD is a powerful security tool designed to perform massive scans for GitHub Actions CI workflows and digest the discovered data into a Neo4j database. Developed and maintained by the Cycode research team. With Raven, we were able to identify...

CVE-2020-21514

A flaw was found in Fluentd and fluent-ui. This issue may allow an attacker to gain escalated privileges and execute arbitrary code due to allowing a default password at install time...

Fluent Fluentd and Fluent-ui use default password

An issue was discovered in Fluent-ui v.1.2.2 allows attackers to gain escalated privileges and execute arbitrary code due to a default password...

GHSA-WRXF-X8RM-6GGG Fluent Fluentd and Fluent-ui use default password

An issue was discovered in Fluent-ui v.1.2.2 allows attackers to gain escalated privileges and execute arbitrary code due to a default password...

Default credentials

An issue was discovered in Fluent Fluentd v.1.8.0 and Fluent-ui v.1.2.2 allows attackers to gain escalated privileges and execute arbitrary code due to a default password...

CVE-2020-21514

An issue was discovered in Fluent-ui v.1.2.2 allows attackers to gain escalated privileges and execute arbitrary code due to a default password...

CVE-2020-21514

An issue was discovered in Fluent-ui v.1.2.2 allows attackers to gain escalated privileges and execute arbitrary code due to a default password...

Fluent Fluentd and Fluent-ui use default password

An issue was discovered in Fluent Fluentd v.1.8.0 and Fluent-ui v.1.2.2 that allows attackers to gain escilated privileges and execute arbitrary code due to use of a default password...

CVE-2020-21514

CVE-2020-21514 — Fluent-ui v1.2.2 : A default-password issue allowing attackers to gain escalated privileges and execute arbitrary code. Root cause: default credentials enable unauthorized access; impact is high (CVE score 8.8). The supplied connected documents confirm the affected product and th...

Fluent Fluentd and Fluent-ui use default password

An issue was discovered in Fluent Fluentd v.1.8.0 and Fluent-ui v.1.2.2 that allows attackers to gain escilated privileges and execute arbitrary code due to use of a default password...

Malicious code in fluent-ui-react-latest (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9d4f214d34026a7c88fc092754888c5c4c127f5cead75c2e93a25b2a3e3cc403 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-449 Malicious code in fluent-ui-react-latest (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9d4f214d34026a7c88fc092754888c5c4c127f5cead75c2e93a25b2a3e3cc403 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview fluent-ui-react-latest is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

@fluentui/local-sandbox (>=0.31.1-alpha.6224 <=0.45.0), @fluentui/react (>=0.31.1-alpha.6224 <=0.46.0) +6 more potentially affected by unknown CVE via @fluentui/styles (>=0.31.1-alpha.6224 <=0.49.0)

@fluentui/styles NPM version =0.31.1-alpha.6224, =0.31.1-alpha.6224, =0.31.1-alpha.6224, =0.31.1-alpha.6224, =0.47.6, =0.47.0, =0.47.4, =0.1.0, =2.0.0 Source cves: unknown CVE Source advisory: SNYK:JS-FLUENTUISTYLES-570808...