825 matches found
MAL-2025-32233 Malicious code in rimraf-glob (npm)
The package rimraf-glob was found to contain malicious code...
Malicious code in rimraf-glob (npm)
The package rimraf-glob was found to contain malicious code...
Malicious code in glob-match (npm)
The package glob-match was found to contain malicious code...
@deck/app (>=1.0.1 <=1.4.11), octophant (=0.1.0) potentially affected by unknown CVE via rimraf-glob (=0.0.0)
rimraf-glob NPM version =0.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on rimraf-glob and may be impacted: - @deck/app =1.0.1, =1.4.11 - octophant =0.1.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-32233...
Malicious code in flat-glob (npm)
The package flat-glob was found to contain malicious code...
MAL-2025-21577 Malicious code in glob-match (npm)
The package glob-match was found to contain malicious code...
MAL-2025-20688 Malicious code in flat-glob (npm)
The package flat-glob was found to contain malicious code...
TencentOS Server 3: nodejs-nodemon (TSSA-2023:0048)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0048 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Regular Expression Denial of Service (ReDoS)
Overview: Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) due to the globEscape function. An attacker can send specially crafted inputs that exploit inefficient regular expression complexity. Details: Denial of Service (DoS) describes a family of attacks...
@actions-for-rust/core (>=0.1.6 <=0.1.8), @actions-rs-plus/core (>=0.0.0 <=0.7.5) +125 more potentially affected by CVE-2025-5890 via @actions/glob (>=0.1.2 <=0.7.0)
@actions/glob NPM version =0.1.2, =0.1.6, =0.0.0, =0.1.0, =1.0.1-2a6268e89ea5fbc66dadd1d897cac75b3f0a63e4.0, =0.1.0, =1.0.0, =4.0.0, =3.2.5, =1.1.0, =3.2.2, =2.0.0, =2.0.3 and more Source cves: CVE-2025-5890 Source advisory: SNYK:JS-ACTIONSGLOB-11484208...
CVE-2025-5890
A vulnerability classified as problematic has been found in actions toolkit 0.5.0. This affects the function globEscape of the file toolkit/packages/glob/src/internal-pattern.ts of the component glob. The manipulation leads to inefficient regular expression complexity. It is possible to initiate...
CVE-2025-5890 actions toolkit glob internal-pattern.ts globEscape redos
A vulnerability classified as problematic has been found in actions toolkit 0.5.0. This affects the function globEscape of the file toolkit/packages/glob/src/internal-pattern.ts of the component glob. The manipulation leads to inefficient regular expression complexity. It is possible to initiate...
CVE-2025-4790
A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component GLOB Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...
CVE-2025-4790 FreeFloat FTP Server GLOB Command buffer overflow
A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component GLOB Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and...
CVE-2025-4790
CVE-2025-4790 — FreeFloat FTP Server 1.0 is affected by a vulnerability in the GLOB Command Handler that allows a remote buffer overflow. The PT-Security report confirms a critical issue in the GLOB Command Handler with remote exploitation; no patch/version remediation details are provided in the...
PT-2025-21741 · Unknown · Freefloat Ftp Server
Name of the Vulnerable Software and Affected Versions: FreeFloat FTP Server version 1.0 Description: A critical issue was found in the GLOB Command Handler component, leading to a buffer overflow. This can be exploited remotely. The issue has been publicly disclosed. Recommendations: For FreeFloa...
FreeFloat FTP Server Security Vulnerability
FreeFloat FTP Server is an FTP service from Freefloat. A buffer overflow vulnerability exists in FreeFloat FTP Server that stems from the GLOB Command Handler component failing to properly validate the length of input data. No details of the vulnerability are provided at this time...
PCMan FTP Server 'GLOB' Buffer Overflow Vulnerability
PCMan FTP Server is an open-source FTP server software package from PCMan. A buffer overflow vulnerability exists in the PCMan FTP Server 'GLOB' command. It originates from the GLOB command handler failing to properly validate the length and size of input data, and can be exploited by an attacker to execute...
vscode -- security feature bypass vulnerability
VSCode developers report: A security feature bypass vulnerability exists in VS Code 1.100.0 and earlier versions where a maliciously crafted URL could be considered trusted when it should not have due to how VS Code handled glob patterns in the trusted domains feature. When paired with the fetch...