17 matches found
EUVD-2025-50843
Malicious code in grid-settings npm...
Malicious code in grid-settings (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71b0798fc09c824e110a36baea640ebc023c337f246ab9cc2b6647eb4b9bddad The package grid-settings was found to contain malicious code. Source: ghsa-malware 4461bdacbed2361a56a39a0251d7a47f2454616c944b5380680198ea97f7ef20...
MAL-2025-66544 Malicious code in grid-settings (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71b0798fc09c824e110a36baea640ebc023c337f246ab9cc2b6647eb4b9bddad The package grid-settings was found to contain malicious code. Source: ghsa-malware 4461bdacbed2361a56a39a0251d7a47f2454616c944b5380680198ea97f7ef20...
Malicious Package
Overview grid-settings is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2021-11641
Malware in sbrugna...
EUVD-2025-26418
Malicious code in bioql PyPI...
CVE-2025-9696
The SunPower PVS6's BluetoothLE interface is vulnerable due to its use of hardcoded encryption parameters and publicly accessible protocol details. An attacker within Bluetooth range could exploit this vulnerability to gain full access to the device's servicing interface. This access allows the...
CVE-2025-9696
The SunPower PVS6's BluetoothLE interface is vulnerable due to its use of hardcoded encryption parameters and publicly accessible protocol details. An attacker within Bluetooth range could exploit this vulnerability to gain full access to the device's servicing interface. This access allows the...
CVE-2025-9696 Use of Hard-coded Credentials in SunPower PVS6
The SunPower PVS6's BluetoothLE interface is vulnerable due to its use of hardcoded encryption parameters and publicly accessible protocol details. An attacker within Bluetooth range could exploit this vulnerability to gain full access to the device's servicing interface. This access allows the...
CVE-2025-9696 Use of Hard-coded Credentials in SunPower PVS6
The SunPower PVS6's BluetoothLE interface is vulnerable due to its use of hardcoded encryption parameters and publicly accessible protocol details. An attacker within Bluetooth range could exploit this vulnerability to gain full access to the device's servicing interface. This access allows the...
CVE-2025-9696
CVE-2025-9696 concerns SunPower PVS6 BluetoothLE security. The vulnerability arises from the device’s Bluetooth Low Energy interface using hardcoded encryption parameters and publicly accessible protocol details, enabling an attacker in Bluetooth range to gain full access to the servicing interfa...
PT-2025-35584
Name of the Vulnerable Software and Affected Versions: SunPower PVS6 affected versions not specified Description: The SunPower PVS6’s BluetoothLE interface is vulnerable due to the use of hardcoded encryption parameters and publicly accessible protocol details. An attacker within Bluetooth range...
CVE-2024-3635
The Post Grid WordPress plugin before 7.5.0 does not sanitise and escape some of its Grid settings, which could allow high privilege users such as Editor and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-3635
The Post Grid WordPress plugin before 7.5.0 does not sanitise and escape some of its Grid settings, which could allow high privilege users such as Editor and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
PT-2024-26959 · WordPress · Post Grid
Name of the Vulnerable Software and Affected Versions: The Post Grid WordPress plugin versions prior to 7.5.0 Description: The issue allows high privilege users, such as Editor and above, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for...
CVE-2021-24729
The Logo Showcase with Slick Slider WordPress plugin before 1.2.4 does not sanitise the Grid Settings, which could allow users with a role as low as Author to perform stored Cross-Site Scripting attacks via post metadata of Grid logo showcase...
CVE-2021-24729
The Logo Showcase with Slick Slider WordPress plugin before 1.2.4 does not sanitise the Grid Settings, which could allow users with a role as low as Author to perform stored Cross-Site Scripting attacks via post metadata of Grid logo showcase...