MAL-2026-3552 Malicious code in @uipath/integrationservice-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a3ff8598d48c12ca9fe162be025bd370560d125c36c4e5dfebfbb09bccfda3f3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @uipath/integrationservice-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a3ff8598d48c12ca9fe162be025bd370560d125c36c4e5dfebfbb09bccfda3f3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-67274

An issue in continuous.software aangine v.2025.2 allows a remote attacker to obtain sensitive information via the excel-integration-service template download module, integration-persistence-service job listing module, portfolio-item-service data retrieval module endpoints...

CVE-2025-67274

An issue in continuous.software aangine v.2025.2 allows a remote attacker to obtain sensitive information via the excel-integration-service template download module, integration-persistence-service job listing module, portfolio-item-service data retrieval module endpoints...

CVE-2025-67274

An issue in continuous.software aangine v.2025.2 allows a remote attacker to obtain sensitive information via the excel-integration-service template download module, integration-persistence-service job listing module, portfolio-item-service data retrieval module endpoints...

CVE-2025-67274

CVE-2025-67274 affects continuous.software aangine v.2025.2. An issue in the excel-integration-service template download module, the integration-persistence-service job listing module, and the portfolio-item-service data retrieval module endpoints allows a remote attacker to obtain sensitive info...

EUVD-2023-25735

Malicious code in bioql PyPI...

CVE-2025-32435

CVE-2025-32435 affects Hydra, a CI service for Nix-based projects. The issue arises from evaluating untrusted non-flake nix code, which could allow access to secrets owned by hydra user/group. The description notes that signing keys owned by hydra-queue-runner and hydra-www are not affected. Publ...

PT-2024-28703 · Apache · Cloudstack

Name of the Vulnerable Software and Affected Versions: CloudStack versions prior to 4.18.2.1 CloudStack versions prior to 4.19.0.2 Description: The CloudStack integration API service allows running its unauthenticated API server for internal portal integrations and testing purposes. Due to improp...

Information leakage vulnerability in the teaching integration service platform of Hunan Qiangzhi Technology Development Co.

Hunan Qiangzhi Technology Development Co., Ltd. is an education informatization service provider. An information leakage vulnerability exists in the Teaching Integration Service Platform of Hunan Qiangzhi Technology Development Co. Ltd, which can be exploited by attackers to obtain sensitive...

Remote code execution

Microsoft SQL Server Integration Service VS extension Remote Code Execution Vulnerability...

CVE-2023-21568

CVE-2023-21568 affects the Microsoft SQL Server Integration Services Visual Studio extension. The vulnerability stems from improper input validation in the VS extension, enabling a local, user-interactive remote code execution with high impact (C/H/I/H; CVSS v3.1: 7.3). Exploitation details or a ...

CVE-2023-21568 Microsoft SQL Server Integration Service (VS extension) Remote Code Execution Vulnerability

...

Microsoft SQL Server Integration Service (VS extension) Remote Code Execution Vulnerability

...

KLA20235 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft SQL Server...

CVE-2020-29550

An issue was discovered in URVE Build 24.03.2020. The password of an integration user account used for the connection of the MS Office 365 Integration Service is stored in cleartext in configuration files as well as in the database. The following files contain the password in cleartext:...

Design/Logic Flaw

An issue was discovered in URVE Build 24.03.2020. The password of an integration user account used for the connection of the MS Office 365 Integration Service is stored in cleartext in configuration files as well as in the database. The following files contain the password in cleartext:...

CVE-2020-29550

An issue was discovered in URVE Build 24.03.2020. The password of an integration user account used for the connection of the MS Office 365 Integration Service is stored in cleartext in configuration files as well as in the database. The following files contain the password in cleartext:...

CVE-2020-29550

The CVE-2020-29550 issue affects URVE Build 24.03.2020, where the password for an integration user (Office 365 integration) is stored in cleartext in multiple files and in the database, enabling exposure. Affected files include Profiles/urve/files/sql_db.backup, Server/data/pg_wal/000000010000000...

PT-2020-17186 · Microsoft · Ms Office 365

Name of the Vulnerable Software and Affected Versions: URVE Build 24.03.2020 Description: An issue was discovered where the password of an integration user account, used for the connection of the MS Office 365 Integration Service, is stored in cleartext in configuration files as well as in the...