16 matches found
MAL-2026-5861 Malicious code in solana-mev-bot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e65516d3e042858742ebfee878ff2de6361994ce0155dcbf53c8e0f24cd5fafb bot.js performs a hardcoded HTTPS GET to api.telegram.org's bot sendMessage endpoint, transmitting host fingerprint data collected via os.hostname,...
Malicious code in menu-filter-widget-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bed4a7ece362ef59f2b621b3f64d06e899740c8ca8d73e437145d48b960187ce package.json declares a postinstall lifecycle hook that runs callback.js on every npm install. callback.js reads os.hostname and sends it to a...
Malicious code in grateful-payments (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a7a07a0a09ed8037058353b9b9b067e25e3cbe783eaab8d54276d490f823471 On npm install, the package's postinstall script src/canary.js performs a DNS lookup and HTTPS GET to the hardcoded host...
MAL-2026-4543 Malicious code in customerdigital-ui-containers-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a314a5b253dcb30b2781bda216266b7ab1b49b62eec416bd9be07b48ab46a348 On npm install, postinstall.js collects git identity, OS user/uid, hostname, internal network interface addresses, Cloudflare Pages environment...
CVE-2026-0651
A path traversal vulnerability was identified TP-Link Tapo C260 v1, D235 v1 and C520WS v2.6 within the HTTP server’s handling of GET requests. The server performs path normalization before fully decoding URL encoded input and falls back to using the raw path when normalization fails. An attacker...
EUVD-2017-5958
Malware in sbrugna...
EUVD-2017-5957
Malware in sbrugna...
CVE-2017-14454
Multiple exploitable buffer overflow vulnerabilities exists in the PubNub message handler for the "control" channel of Insteon Hub running firmware version 1012. Specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. A...
CVE-2017-14454
Multiple exploitable buffer overflow vulnerabilities exists in the PubNub message handler for the "control" channel of Insteon Hub running firmware version 1012. Specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. A...
CVE-2017-14454
Multiple exploitable buffer overflow vulnerabilities exists in the PubNub message handler for the "control" channel of Insteon Hub running firmware version 1012. Specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. A...
PT-2023-10531 · Unknown +1 · Insteon Hub +1
Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012 Description: Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "control" channel. Specially crafted replies received from the PubNub service can cause buffer overflows on...
Cisco Prime Infrastructure TFTP file upload vulnerability
Added: 10/11/2018 BID: 105506 Background Cisco Prime Infrastructure, is a management system of wireless and wired networks. Problem A vulnerability in Cisco Prime Infrastructure allows remote, unauthenticated attackers to execute arbitrary commands by uploading a JSP file via TFTP, and then...
Cisco Prime Infrastructure TFTP file upload vulnerability
Added: 10/11/2018 BID: 105506 Background Cisco Prime Infrastructure, is a management system of wireless and wired networks. Problem A vulnerability in Cisco Prime Infrastructure allows remote, unauthenticated attackers to execute arbitrary commands by uploading a JSP file via TFTP, and then...
Buffer overflow
An exploitable buffer overflow vulnerability exists in the PubNub message handler for the "control" channel of Insteon Hub running firmware version 1012. Specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. A strcpy...
[THC-Hydra 7.5] Fast Parallel Network Logon Cracker
Hydra is a parallelized network logon cracker which supports numerous protocols to attack, new modules are easy to add, beside that, it is flexible and very fast. Features IPv6 Support Graphic User Interface Internationalized support RFC 4013 HTTP proxy support SOCKS proxy support The tool suppor...
Microsoft IIS 4.05.06.0 - Internal IP AddressInternal Network Name Disclosure
Microsoft IIS 4.05.06.0 - Internal IP AddressInternal Network Name Disclosure source: https://www.securityfocus.com/bid/3159/info A vulnerability has been discovered in Microsoft IIS that may disclose the internal IP address or internal network name to remote attackers. This vulnerability can be...