Lucene search
K

479 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in harmony-common (npm)

The package harmony-common was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in unicorn-fjjjr-evjto-harmony-project (npm)

The package unicorn-fjjjr-evjto-harmony-project was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-19573 Malicious code in ember-x2dls-1ovc2-harmony-project (npm)

The package ember-x2dls-1ovc2-harmony-project was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in harmony-uww9b-qqxzw-lunar-project (npm)

The package harmony-uww9b-qqxzw-lunar-project was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-39629 Malicious code in xenon-6kho4-eb6jz-harmony-project (npm)

The package xenon-6kho4-eb6jz-harmony-project was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in harmony-runtime (npm)

The package harmony-runtime was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-15043 Malicious code in aura-harmony-wud000-project (npm)

The package aura-harmony-wud000-project was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/08/14 3:49 p.m.11 views

CVE-2025-3831

Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties...

9.8CVSS7.3AI score0.00371EPSS
Exploits0References1
NVD
NVD
added 2025/08/12 3:15 p.m.11 views

CVE-2025-3831

Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties...

9.8CVSS0.00371EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/12 2:48 p.m.12 views

CVE-2025-3831 Exposed SFTP server

Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties...

8.1CVSS0.00371EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/12 2:48 p.m.4 views

CVE-2025-3831 Exposed SFTP server

Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties...

8.1CVSS7.2AI score0.00371EPSS
Exploits0References1
CVE
CVE
added 2025/08/12 2:48 p.m.34 views

CVE-2025-3831

CVE-2025-3831 affects Check Point Harmony SASE agent. The root cause was a shared SFTP key embedded in the software with read/list permissions, granting broader access than intended to log files uploaded during troubleshooting. This could allow unauthorized parties to access logs (potentially inc...

9.8CVSS7.2AI score0.00371EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/08/12 12:0 a.m.7 views

PT-2025-32673 · Check Point · Harmony Sase Agent

Name of the Vulnerable Software and Affected Versions: Harmony SASE agent affected versions not specified Description: Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to unauthorized parties. Recommendations: At the moment, there is no information abou...

8.1CVSS7AI score0.00371EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/08/12 12:0 a.m.5 views

Check Point Harmony SASE 安全漏洞

Check Point Harmony SASE is a Secure Access Service edge application from Check Point Israel. A security vulnerability exists in Check Point Harmony SASE that stems from improper log file access control, which could lead to information disclosure...

9.8CVSS6.2AI score0.00371EPSS
Exploits0References1
OSV
OSV
added 2025/08/11 4:15 a.m.6 views

CVE-2025-27128

in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free...

7.8CVSS6.2AI score0.00135EPSS
Exploits0References1
NVD
NVD
added 2025/08/11 4:15 a.m.6 views

CVE-2025-24298

in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free...

8.4CVSS0.00135EPSS
Exploits0References1
OSV
OSV
added 2025/08/11 4:15 a.m.4 views

CVE-2025-24298

in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free...

7.8CVSS6.2AI score0.00135EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/11 2:55 a.m.10 views

CVE-2025-25212 pasteboard has an improper input vulnerability

in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through improper input...

3.3CVSS0.00111EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/11 2:55 a.m.5 views

CVE-2025-25212 pasteboard has an improper input vulnerability

in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through improper input...

3.3CVSS7AI score0.00111EPSS
Exploits0References1
CVE
CVE
added 2025/08/11 2:55 a.m.23 views

CVE-2025-25212

CVE-2025-25212 affects OpenHarmony, with versions v5.0.3 and earlier vulnerable to local DoS due to improper input handling. The issue is a local-attack vector, leading to denial of service as described in multiple sources (e.g., PT-2025-32508). The most concrete remediation is to upgrade to Open...

5.5CVSS7AI score0.00111EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder