MAL-2026-4745 Malicious code in clearml-truen-patch (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 868fbff2db730a4a67f808b6c9bd35aa78392be592adb2d66d6be659772610f6 This package is published as clearml-truen-patch but its PKG-INFO/setup.py declare Author=ClearML, [email protected], and...

Synology Router Manager 路径遍历漏洞

Synology Router Manager SRM is a software used to configure and manage Synology routers from China-based Synology. A path traversal vulnerability exists in Synology Router Manager SRM, which originates from a remote authenticated user being able to obtain the status of an installed package...

Linux Distros Unpatched Vulnerability : CVE-2021-45085

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XSS can occur in GNOME Web aka Epiphany before 40.4 and 41.x before 41.1 via an about: page, as demonstrated by ephy-about:overview when a user visits an XSS...

Malicious code in @loybung/unicode-fonts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 977a645be3c24178c2efe83570b0da277294e1f25f354f1e01934a67a92ccf8b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3556 Malicious code in passports-twitter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3ed2e22762097011eaacc32402595cb2ee0cc37014af41523745f7fd75f14f32 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2162 Malicious code in aem-headless-advanced-tutorial-wknd-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1fb0b752510b8d479c92185f2871183cd1bbd1ef4d7507d43ccd130c3fd24e1c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-21334

In App Ops Service, there is a possible disclosure of information about installed packages due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

Google Pixel 安全漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a security vulnerability that stems from incorrect input validation that could potentially change the name of the installed package...

MAL-2023-548 Malicious code in karma-jasmine-i-global (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e549b03e79b04aa24627294bb5599da9fb989a712bfbe3a6048c97bed62778b4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-5871 Malicious code in runtlcontribconcat (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 156a2ee2d37ee35d19e575401b36138616ad0ba895a6e9f93cbe2da0ed778b21 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2022-20322

In PackageManager, there is a possible installed package disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...

PT-2022-9127 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android version 13 Description: In PackageManager, there is a possible way to get information about installed packages ignoring limitations introduced in Android 11 due to a missing permission check. This could lead to local information...

S.u.S.E. Linux 6.3/6.4 Installed Package Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1707/info By submitting a specific url to the web server http://hosts.any/doc/packages/ , any user from any host may obtain a list of packages installed on a S.u.S.E 6.3 or 6.4 system. This problem is due to a configurati...