Lucene search
K

50 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/06 12:0 a.m.5 views

Malicious code in @logdna-web/styles (npm)

The @logdna-web/styles package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization the @logdna-w...

6.1AI score
Exploits0References3
OSV
OSV
added 2026/07/06 12:0 a.m.3 views

MAL-2026-10225 Malicious code in @logdna-web/shared (npm)

The @logdna-web/shared package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization the @logdna-w...

6.1AI score
Exploits0References3
OSV
OSV
added 2026/07/06 12:0 a.m.3 views

MAL-2026-10233 Malicious code in sams-sr-sdk-h5 (npm)

The sams-sr-sdk-h5 package was published to the npm registry by user 'click2ai' maintainer email [email protected] as part of a dependency-confusion / reconnaissance campaign. The package name mimics the internal/private package naming convention of a target organization a 'sams' internal...

6.1AI score
Exploits0References3
NVD
NVD
added 2026/06/04 2:16 p.m.17 views

CVE-2019-25736

LabF nfsAxe 3.7 Ping Client contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in the Host IP field. Attackers can craft a specially formatted input file with shellcode and overwrite the return address to execute calc.ex...

8.6CVSS0.00146EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/04 1:22 p.m.6 views

CVE-2019-25736

LabF nfsAxe 3.7 Ping Client contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in the Host IP field. Attackers can craft a specially formatted input file with shellcode and overwrite the return address to execute calc.ex...

8.6CVSS6.4AI score0.00146EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/04 1:22 p.m.21 views

CVE-2019-25736

LabF nfsAxe 3.7 Ping Client is affected by a buffer overflow in the Host IP field that enables local code execution via a crafted input file containing shellcode and a overwritten return address, potentially running commands such as calc.exe. The CVSS metrics reported a high-severity, local-explo...

8.6CVSS6.4AI score0.00146EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.9 views

LabF nfsAxe 安全漏洞

LabF nfsAxe is a Windows platform NFS client and NFS server suite developed by LabF Corporation. LabF nfsAxe has a security vulnerability, which stems from a buffer overflow. This vulnerability could allow local attackers to execute arbitrary code by providing malicious payloads in the Host IP...

8.6CVSS6.5AI score0.00146EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/26 8:9 a.m.21 views

Malicious code in @autofleet/rabbit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a766d89a5ed19491bd107e5d31c79fbbe7a9be9bce2a957b290408fb9f54140c The package's compiled entry dist/index.js:48 defines let host = process.env.RABBITMQSERVICEHOST || '35.240.13.28' and then connects via...

5.9AI score
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/17 4:52 p.m.109 views

MillieRCE

MillieRCE Millie is an advanced browser-based remote code exec...

6.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/02 2:47 a.m.6 views

CVE-2026-7546

A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279B20210910. The impacted element is the function findhostip of the component lighttpd. Such manipulation of the argument Host leads to stack-based buffer overflow. The attack can be executed remotely. The exploit has been...

10CVSS6.3AI score0.00754EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.14 views

PT-2026-36293

Name of the Vulnerable Software and Affected Versions Totolink NR1800X version 9.1.0u.6279 B20210910 Description A stack-based buffer overflow exists in the lighttpd component. This issue occurs when the find host ip function improperly handles the Host argument, allowing a remote attacker to...

10CVSS7.7AI score0.00754EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986837)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986837 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during login when accessing the shost ipaddress If during...

7.8CVSS6AI score0.00277EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-15973

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00453EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-15968

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00453EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-32850

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00829EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/08/04 12:0 a.m.10 views

The vulnerability of the ipsec_road_asp() function in D-Link DI-8200 router software allows a attacker to cause a service failure.

The vulnerability of the ipsecroadasp function in D-Link DI-8200 router microprogramming software is related to buffer overflows in the stack when processing the hostip parameter. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

3.5CVSS5.8AI score0.00361EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2025/05/20 8:15 p.m.5 views

CVE-2025-44890

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the hostip parameter in the websnmpnotifyv3addpost function...

9.8CVSS5.8AI score0.00453EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/05/20 12:0 a.m.5 views

PLANET FW-WGS-804HPT 安全漏洞

PLANET FW-WGS-804HPT is a wall-mounted managed switch from PLANET China. A security vulnerability exists in PLANET FW-WGS-804HPT v1.305b241111, which originates from a stack overflow in the hostip parameter of the websnmpv3hostaddpost function...

9.8CVSS7AI score0.00453EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/05/20 12:0 a.m.8 views

CVE-2025-44890

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the hostip parameter in the websnmpnotifyv3addpost function...

7.8AI score0.00453EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/20 12:0 a.m.15 views

CVE-2025-44891

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the hostip parameter in the websnmpv3hostaddpost function...

0.00453EPSS
Exploits1References1
Rows per page
Query Builder