Lucene search
K

106 matches found

Vulnrichment
Vulnrichment
added 2025/12/08 5:27 p.m.4 views

CVE-2025-48606

In preparePackage of InstallPackageHelper.java, there is a possible way for an app to appear hidden upon installation without a mechanism to uninstall it due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User...

6.4AI score0.00083EPSS
Exploits0References1
EUVD
EUVD
added 2025/11/13 3:23 a.m.1 views

EUVD-2025-178296

Malicious code in jasmine-cypress-gravity-install npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 4:29 a.m.1 views

EUVD-2025-112428

Malicious code in install-semantic-ui-warp-fork npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 4:29 a.m.2 views

EUVD-2025-123566

Malicious code in polaris-meteor-babel-install npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 4:29 a.m.1 views

EUVD-2025-124688

Malicious code in mutation-rehype-semantic-ui-install npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-4597

Malware in sbrugna...

7.8CVSS7.7AI score0.00645EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-0865

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.04118EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-38028

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00227EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-0046

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. This could lead t...

7.8CVSS5.7AI score0.00121EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2025/05/26 12:0 a.m.3 views

Fedora: Security Advisory (FEDORA-2025-42ee7772e3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.4CVSS7.5AI score0.00679EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 5:19 a.m.3 views

CVE-2023-21257

In updateSettingsInternalLI of InstallPackageHelper.java, there is a possible way to sideload an app in the work profile due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8CVSS6.7AI score0.0009EPSS
Exploits0References1
OSV
OSV
added 2025/03/03 1:39 p.m.3 views

MAL-2025-1939 Malicious code in secure-install-package (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/03/03 1:39 p.m.3 views

Malicious code in secure-install-package (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2024/11/28 12:15 a.m.5 views

CVE-2018-9374

In installPackageLI of PackageManagerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.00084EPSS
Exploits0References1
OSV
OSV
added 2024/11/13 6:15 p.m.4 views

CVE-2024-43081

In installExistingPackageAsUser of InstallPackageHelper.java, there is a possible carrier restriction bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.00104EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/07/01 12:6 p.m.17 views

CVE-2024-4007 Hard coded default credential contained in install package

Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instances wrongly configured...

8.8CVSS7AI score0.01511EPSS
Exploits3References1
CVE
CVE
added 2024/07/01 12:6 p.m.56 views

CVE-2024-4007

ABB ASPECT, NEXUS Series, and MATRIX Series (firmware up to 3.07) contain default/hard-coded credentials installed with the package, enabling login to misconfigured devices. Root cause: credentials embedded in the installer; attack surface includes Internet-adjacent exposure per public advisories...

8.8CVSS8.7AI score0.01511EPSS
Exploits3References1Affected Software1
Cvelist
Cvelist
added 2024/07/01 12:6 p.m.34 views

CVE-2024-4007 Hard coded default credential contained in install package

Default credential in install package in ABB ASPECT; NEXUS Series; MATRIX Series version 3.07 allows attacker to login to product instances wrongly configured...

8.8CVSS0.01511EPSS
Exploits3References1
OSV
OSV
added 2024/06/15 12:0 a.m.14 views

OPENSUSE-SU-2024:11500-1 virt-install-3.2.0-10.1 on GA media

These are all security issues fixed in the virt-install-3.2.0-10.1 package on the GA media of openSUSE Tumbleweed...

3.3CVSS3.8AI score0.00404EPSS
Exploits0References1
OSV
OSV
added 2024/05/07 9:15 p.m.5 views

CVE-2024-23710

In assertPackageWithSharedUserIdIsPrivileged of InstallPackageHelper.java, there is a possible execution of arbitrary app code as a privileged app due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...

7.8CVSS6AI score0.0009EPSS
Exploits0References2
Rows per page
Query Builder