106 matches found
MAL-2026-4651 Malicious code in pulse-axios (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c64dad53e23f7fcba3813e9ae6caee3f9461f5e52194165da668e5332e78bb99 [email protected] declares a postinstall hook node./lib/core/eval.js that on npm install issues fetch'http://localhost:3000/download/data', reads th...
Exploit for Command Injection in Microsoft
CVE-2025-54100-BYPASS- CVE-2025-54100 POC "simple" Bypass Patc...
EUVD-2019-1478
Malware in sbrugna...
EUVD-2017-0547
Malware in sbrugna...
EUVD-2019-1477
Malware in sbrugna...
EUVD-2020-8852
Malware in sbrugna...
EUVD-2019-1474
Malware in sbrugna...
EUVD-1999-0173
Malware in sbrugna...
EUVD-2019-1475
Malware in sbrugna...
EUVD-2018-20073
Malware in sbrugna...
CVE-2025-6392
Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit logs when the daily data dump collector invokes docker exec commands. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server...
CVE-2025-4662
Brocade SANnav before SANnav 2.4.0a logs plaintext passphrases in the Brocade SANnav host server audit logs while executing OpenSSL command using a passphrase from the command line or while providing the passphrase through a temporary file. These audit logs are the local server VM’s audit logs an...
CVE-2025-53020
A memory exhaustion flaw has been discovered in the Apache HTTP server. In some instances, the Apache HTTP server fails to free memory. Given sufficient time, this may lead to the host operating system killing the web server in order to reclaim memory. Mitigation Mitigation for this issue is eith...
CVE-2018-5409
The PrinterLogic Print Management software, versions up to and including 18.3.1.96, updates and executes the code without sufficiently verifying the origin and integrity of the code. An attacker can execute malicious code by compromising the host server, performing DNS spoofing, or modifying the...
RustDesk Self-Host Server (Linux)
Binary data rustdeskselfhostingserverlinuxinstalled.nbin...
RustDesk Self-Host Server Installed (Windows)
Binary data rustdeskselfhostingserverwininstalled.nbin...
CVE-2022-2253
A user with administrative privileges in Distributed Data Systems WebHMI 4.1.1.7662 may send OS commands to execute on the host server...
Arbitrary File Overwrite
aim is vulnerable to Arbitrary File Overwrite. The vulnerability is due to improper handling of the runhash and repo.path parameters in the backuprun-function, allowing any file on the host server to be overwritten and arbitrary data to be exfiltrated...
PYSEC-2023-243
Missing SSL certificate validation in localstack v2.3.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack...
OpenStack Swift XML external entities (XXE) Injection
An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. By supplying crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data...