MAL-2026-4590 Malicious code in json-to-simple-graphql-schema (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9998f4fd6abaaefcf6bd610ce0b558f0e1eb22c9d4dae07a111c27cc7f7322c The package contains a poc.js script that collects host reconnaissance data os.hostname, os.platform, output of whoami via childprocess and POSTs it ...

EUVD-2025-15380

Malicious code in bioql PyPI...

Malicious code in udn_extras (npm)

The package is a malware because it contains a postinstall script that executes index.js. The index.js script gathers sensitive information such as hostname, platform, username, IP address, and environment variables and sends it to an external server webhook.site via an HTTPS POST request. This...

CVE-2024-20408

A vulnerability in the Dynamic Access Policies DAP feature of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an attacker...

PT-2024-7457 · Cisco · Cisco Asa +1

Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliance ASA Software affected versions not specified Cisco Firepower Threat Defense FTD Software affected versions not specified Description: The issue is related to improper validation of data in HTTPS POST requests...

C-MOR Video Surveillance 5.2401 / 6.00PL01 Cross Site Scripting

Advisory ID: SYSS-2024-021 Product: C-MOR Video Surveillance Manufacturer: za-internet GmbH Affected Versions: 5.2401, 6.00PL01 Tested Versions: 5.2401, 6.00PL01 Vulnerability Type: Persistent Cross-Site Scripting CWE-79 Risk Level: High Solution Status: Open Manufacturer Notification: 2024-04-05...

Wago PFC200 Cloud Connectivity Improper Host Validation (CVE-2019-5160)

An exploitable improper host validation vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 Firmware versions 03.02.0214, 03.01.0713, and 03.00.3912. A specially crafted HTTPS POST request can cause the software to connect to an unauthorized host, resulting in unauthorized...

Malicious Packages

exchangeclients and rush-lib are malicious packages. The packages contains empty README files but the strings: "rukkaz package" or "azbit package" present in the metadata. The packages are created to abuse the dependency confusion vulnerability. The malicious code executes upon installation and...

CVE-2019-5160

An exploitable improper host validation vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 Firmware versions 03.02.0214, 03.01.0713, and 03.00.3912. A specially crafted HTTPS POST request can cause the software to connect to an unauthorized host, resulting in unauthorized...

Astaroth Spy Trojan Uses Facebook, YouTube Profiles to Cover Tracks

Facebook and YouTube profiles are at the heart of an ongoing phishing campaign spreading the Astaroth trojan, bent on the eventual exfiltration of sensitive information. The attack is sophisticated in that it uses normally trusted sources as cover for malicious activities – thus evading usually...

APT29 Domain Fronting With TOR

Mandiant has observed Russian nation-state attackers APT29 employing domain fronting techniques for stealthy backdoor access to victim environments for at least two years. There has been considerable discussion about domain fronting following the release of a paper detailing these techniques...

Ubuntu Update for elinks vulnerability USN-519-1

Ubuntu Update for Linux kernel vulnerabilities USN-519-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5191.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for elinks vulnerability USN-519-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

CVE-2009-0358

Mozilla Firefox 3.x before 3.0.6 does not properly implement the 1 no-store and 2 no-cache Cache-Control directives, which allows local users to obtain sensitive information by using the a back button or b history list of the victim's browser, as demonstrated by reading the response page of an...

CVE-2002-0792

The web management interface for Cisco Content Service Switch CSS 11000 switches allows remote attackers to cause a denial of service soft reset via 1 an HTTPS POST request, or 2 malformed XML data...

Cisco Content Service Switch reboots when HTTPS POST request is sent to web management interface

Overview The Cisco Content Service Switch contains a denial-of-service vulnerability that allows remote attackers to reboot affected devices. Description The Cisco Content Service Switch CSS products include support for the session and application layers. This additional functionality allows a CS...