10064 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
MAL-2025-190820 Malicious code in @quick-start-soft/quick-git-clean-markdown (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 577d17cd2429a5652e40b47820dcf0d2effeaf1de1762f1ee7c8b3c14eeb7cb3 The package @quick-start-soft/quick-git-clean-markdown was found to contain malicious code. Source: ghsa-malware...
EUVD-2025-198857
Malicious code in @quick-start-soft/quick-git-clean-markdown npm...
MAL-2025-190686 Malicious code in @trigo/jsdt (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff5aae2e5762514a4d2a304a2ceb36d9b895c8bd88c9a6303752aea4b078119f The package @trigo/jsdt was found to contain malicious code. Source: ghsa-malware 91f1b0ba55c42b887eade435580838bef529a7fe7a9b9fd8b3cd05ada0528cc7 An...
A Pre-Built CNCF Pipeline: From Git to Running on Kubernetes
...
TencentOS Server 3: ruby:2.5 (TSSA-2025:0448)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0448 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
TencentOS Server 3: git (TSSA-2025:0455)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0455 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 2: git (TSSA-2025:0737)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0737 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
TencentOS Server 4: grafana (TSSA-2024:0907)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0907 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
CVE-2025-12472
An attacker with a Looker Developer role could manipulate a LookML project to exploit a race condition during Git directory deletion, leading to arbitrary command execution on the Looker instance. Looker-hosted and Self-hosted were found to be vulnerable. This issue has already been mitigated for...
CVE-2025-12472 Remote Code Execution in Looker due to Improperly Validated Directory Deletion
An attacker with a Looker Developer role could manipulate a LookML project to exploit a race condition during Git directory deletion, leading to arbitrary command execution on the Looker instance. Looker-hosted and Self-hosted were found to be vulnerable. This issue has already been mitigated for...
CVE-2025-12472
The CVE-2025-12472 vulnerability affects Looker LookML projects where an attacker with a Looker Developer role can trigger a race condition during Git directory deletion, potentially allowing arbitrary command execution on Looker instances. Public disclosures from NVD/Looker/RH ENISA indicate Loo...
CVE-2025-12472 Remote Code Execution in Looker due to Improperly Validated Directory Deletion
An attacker with a Looker Developer role could manipulate a LookML project to exploit a race condition during Git directory deletion, leading to arbitrary command execution on the Looker instance. Looker-hosted and Self-hosted were found to be vulnerable. This issue has already been mitigated for...
MAL-2025-191158 Malicious code in CodeInKlingon.git-worktree-menu (VSCode:https://open-vsx.org)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 68ef1fadb311fcf38b0a3d9f7e7845c12f201bfdab9556387e9a8b052cec8ee5 This extension is malicious. When installed it runs an info stealer that exfiltrates user data including credentials and cryptocurrency...
Google Cloud Looker 安全漏洞
Google Cloud Looker is an online tool from Google USA for transforming data into customizable and informative reports and dashboards. A security vulnerability exists in Google Cloud Looker that stems from the Looker Developer role that can manipulate LookML projects to take advantage of competing...
PT-2025-47449
An attacker with a Looker Developer role could manipulate a LookML project to exploit a race condition during Git directory deletion, leading to arbitrary command execution on the Looker instance. Looker-hosted and Self-hosted were found to be vulnerable. This issue has already been mitigated for...
KLA90930 OSI vulnerability in Git for Windows
Information disclosure vulnerability was found in Git for Windows. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories Git for Windows 2.52.0 Exploitation Related products Git-for-Windows CVE list CVE-2025-66413 high Solution Update to the latest...
CVE-2025-13209
CVE-2025-13209 affects bestfeng oa_git_free up to version 9.5. The vulnerability lies in the updateWriteBack function (file yimioa-oa9.5/server/c-flow/src/main/java/com/cloudweb/oa/controller/WorkflowPredefineController.java), where manipulation of the writeProp argument can trigger an XML Extern...