18 matches found
MAL-2025-143591 Malicious code in ini-forever-foundation-framework (npm)
Source: amazon-inspector (276bf94003b7622e515f3e0a9f9a371f2d64a3f3045c39359a4cb9e0343543a8). This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-112522
Malicious code in ini-forever-foundation-framework npm...
EUVD-2005-1339
Malware in sbrugna...
CVE-2020-26304
Foundation is a front-end framework. Versions 6.3.3 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, it is unknown if any fixes are available...
CVE-2020-26304
Foundation is a front-end framework. Versions 6.3.3 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, it is unknown if any fixes are available...
CVE-2020-26304 GHSL-2020-290: Regular Expression Denial of Service (ReDoS) in foundation-sites
Foundation is a front-end framework. Versions 6.3.3 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). As of time of publication, it is unknown if any fixes are available...
PT-2024-10794 · Unknown · Foundation
Name of the Vulnerable Software and Affected Versions: Foundation versions 6.3.3 and prior. Description: The issue concerns Regular Expression Denial of Service (ReDoS) due to one or more vulnerable regular expressions in the framework. There is no information available about the estimated number of...
Apple Warns of 3 New Vulnerabilities Affecting iPhone, iPad, and Mac Devices
Apple has revised the security advisories it released last month to include three new vulnerabilities impacting iOS, iPadOS, and macOS. The first flaw is a race condition in the Crash Reporter component (CVE-2023-23520) that could enable a malicious actor to read arbitrary files as root. The iPhone...
Apple Warns of 3 New Vulnerabilities Affecting iPhone, iPad, and Mac Devices
Apple has revised the security advisories it released last month to include three new vulnerabilities impacting iOS, iPadOS, and macOS. The first flaw is a race condition in the Crash Reporter component (CVE-2023-23520) that could enable a malicious actor to read arbitrary files as root. The iPhone...
GHSA-H352-G5VW-3926 Improper Input Validation in fruity
Methods of `NSString` for conversion to a string may return a partial result. Since they call `CStr::from_ptr` on a pointer to the string buffer, the string is terminated at the first null byte, which might not be the end of the string. In addition to the vulnerable functions listed for this issue, th...
Improper Input Validation in fruity
Methods of `NSString` for conversion to a string may return a partial result. Since they call `CStr::from_ptr` on a pointer to the string buffer, the string is terminated at the first null byte, which might not be the end of the string. In addition to the vulnerable functions listed for this issue, th...
RUSTSEC-2021-0123 Converting `NSString` to a String Truncates at Null Bytes
Methods of `NSString` for conversion to a string may return a partial result. Since they call `CStr::from_ptr` on a pointer to the string buffer, the string is terminated at the first null byte, which might not be the end of the string. In addition to the vulnerable functions listed for this issue, th...
Converting `NSString` to a String Truncates at Null Bytes
Methods of `NSString` for conversion to a string may return a partial result. Since they call `CStr::from_ptr` on a pointer to the string buffer, the string is terminated at the first null byte, which might not be the end of the string. In addition to the vulnerable functions listed for this issue, th...
Apple Mac OS X Foundation Framework vulnerable to buffer overflow via incorrect handling of an environmental variable
Overview: A buffer overflow in Mac OS X Foundation Framework's processing of environment variables may lead to elevated privileges. Description: A vulnerability is present in the Mac OS X Foundation Framework shipped in version 10.3.9 of Mac OS X and Mac OS X Server. There is a flaw in the handling of...
CVE-2005-1336
CVE-2005-1336 is a local buffer overflow vulnerability in the Mac OS X Foundation Framework (v10.3.9) caused by improper handling of environment variables. The vulnerability allows local users to potentially execute arbitrary code with elevated privileges due to a faulty environment-variable proc...
CVE-2005-1336
Buffer overflow in the Foundation framework for Mac OS X 10.3.9 allows local users to execute arbitrary code via a long environment variable...
CVE-2004-0822
The CVE-2004-0822 entry describes a local buffer overflow in Apple’s CoreFoundation.framework on Mac OS X versions 10.2.8, 10.3.4, and 10.3.5. The vulnerability arises from how CoreFoundation processes a specific environment variable, allowing an authenticated, local at...
CVE-2004-0821
CVE-2004-0821 concerns the Mac OS X Core Foundation CFPlugIn facilities: the CoreFoundation CFPlugIn loader could load user-supplied libraries, potentially allowing a local attacker to gain elevated privileges. Public sources (NVD entry for CVE-2004-0821 and CERT/Apple advisories) describe the vu...