69 matches found

OSV
added 2026/03/18 12:54 p.m., 2 views

MAL-2026-1751 Malicious code in inter-site-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad622d6ddd0ce9148ff340b01f319e962703b87b7aa2cb0284e97d7d880f0d90 The package inter-site-components was found to contain malicious code...

5.8 AI score
Exploits 0
OSSF Malicious Packages
added 2026/03/18 12:54 p.m., 7 views

Malicious code in inter-site-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ad622d6ddd0ce9148ff340b01f319e962703b87b7aa2cb0284e97d7d880f0d90 The package inter-site-components was found to contain malicious code...

5.8 AI score
Exploits 0
BDU FSTEC
added 2025/07/21 12:0 a.m., 2 views

The vulnerability of the Device Integration component of the Oracle MES for Process Manufacturing software solution, which is part of the Oracle E-Business Suite. This component allows a malicious individual to gain access to read, modify, and delete data.

The vulnerability of the Device Integration component in the Oracle MES for Process Manufacturing software solution is related to the manipulation of inter-site requests. Exploiting this vulnerability can allow an attacker to gain read, modify, and delete access to data...

6.4 CVSS, 7.1 AI score, 0.0007 EPSS
Exploits 0, References 3, Affected Software 2
BDU FSTEC
added 2025/07/17 12:0 a.m., 1 view

The vulnerability of the General component of the Oracle REST Data Services service allows a perpetrator to gain access to read, modify, and delete information.

The vulnerability of the General component of the Oracle REST Data Services service is related to the manipulation of inter-site requests. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read, modify, and delete data...

6.4 CVSS, 7.1 AI score, 0.0007 EPSS
Exploits 0, References 2, Affected Software 1
BDU FSTEC
added 2025/06/26 12:0 a.m., 2 views

The vulnerability of the GraphQL API interface of the software platform based on Git for collaborative code development on GitLab allows a hacker to perform a CSRF attack.

The vulnerability of the GraphQL API interface of a software platform based on Git for collaborative code development on GitLab is related to the manipulation of inter-site requests. Exploiting this vulnerability allows an attacker operating remotely to perform a CSRF attack...

9.4 CVSS, 5.8 AI score, 0.00093 EPSS
Exploits 1, References 3, Affected Software 1
BDU FSTEC
added 2025/06/13 12:0 a.m., 1 view

The vulnerability of the fromSysToolRestoreSet() function in the microprogramming software for Tenda AC9 allows an attacker to perform a CSRF attack.

The vulnerability of the fromSysToolRestoreSet function in the Tenda AC9 router’s microprogramming software is related to the manipulation of inter-site requests. Exploiting this vulnerability could allow a remote attacker to execute a CSRF attack...

5 CVSS, 5.6 AI score, 0.00134 EPSS
Exploits 1, References 3, Affected Software 1
BDU FSTEC
added 2025/06/11 12:0 a.m., 2 views

The vulnerability of the Web Access component of the Oracle Primavera P6 Enterprise Project Portfolio Management application allows an attacker to compromise the integrity of the protected information.

The vulnerability of the Web Access component of the Oracle Primavera P6 Enterprise Project Portfolio Management application relates to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to compromise the integrity of the protected information...

6.4 CVSS, 7.6 AI score, 0.00148 EPSS
Exploits 0, References 3, Affected Software 1
BDU FSTEC
added 2025/04/01 12:0 a.m., 1 view

The vulnerability of the 3DSecure (3DS2) protocol, related to the manipulation of inter-site requests, allows a perpetrator to carry out a CSRF attack.

The vulnerability of the 3DSecure 3DS2 protocol is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack by altering the HTTP headers Origin and Referer...

10 CVSS, 5.4 AI score
Exploits 1, References 2, Affected Software 1
BDU FSTEC
added 2025/02/06 12:0 a.m., 1 view

The vulnerability of Symantec’s Privileged Access Management tool, related to the manipulation of inter-site requests, allows a perpetrator to intercept user sessions.

The vulnerability of Symantec’s Privileged Access Management tool is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to intercept user sessions remotely...

9.6 CVSS, 5.4 AI score, 0.00076 EPSS
Exploits 0, References 4, Affected Software 1
BDU FSTEC
added 2025/01/24 12:0 a.m., 1 view

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain access to read, modify, and delete files.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to the manipulation of inter-site requests. Exploiting this vulnerability could allow an attacker to gain read, modify, and delete file access rights...

5.5 CVSS, 7.6 AI score, 0.00084 EPSS
Exploits 0, References 3, Affected Software 1
BDU FSTEC
added 2025/01/24 12:0 a.m., 2 views

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system for resource management allows a perpetrator to gain access to read, modify, and delete files.

The vulnerability of the Web Runtime SEC component of the JD Edwards EnterpriseOne Tools system relates to the manipulation of inter-site requests. Exploiting this vulnerability could allow an attacker to gain read, modify, and delete file access rights...

6.8 CVSS, 7.6 AI score, 0.00091 EPSS
Exploits 0, References 3, Affected Software 1
BDU FSTEC
added 2025/01/20 12:0 a.m., 4 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to the manipulation of inter-site requests, allows a perpetrator to carry out a CSRF attack.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack remotely...

5.5 CVSS, 5.4 AI score, 0.00184 EPSS
Exploits 1, References 3, Affected Software 1
BDU FSTEC
added 2024/12/23 12:0 a.m., 1 view

The vulnerability of software for monitoring, managing, and configuring VigorAP access points and VigorSwitches in the DrayTek VigorConnect local network is related to forged inter-site requests. This allows a perpetrator to carry out a CSRF attack.

The vulnerability of software for monitoring, managing, and configuring VigorAP access points and VigorSwitches in the DrayTek VigorConnect local network is related to the unlimited loading of dangerous files. Exploiting this vulnerability can allow a remote attacker to…...

10 CVSS, 7.7 AI score, 0.00109 EPSS
Exploits 1, References 3, Affected Software 1
BDU FSTEC
added 2024/06/19 12:0 a.m., 2 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to the manipulation of inter-site requests, allows a perpetrator to carry out a CSRF attack.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to perform a CSRF attack through the Kubernetes Agent Server...

5.5 CVSS, 5.4 AI score, 0.00193 EPSS
Exploits 1, References 4, Affected Software 1
BDU FSTEC
added 2024/05/21 12:0 a.m., 2 views

The vulnerability of D-Link DIR-600 router’s microprogramming software, related to the manipulation of inter-site requests, allows a hacker to increase their privileges.

The vulnerability of D-Link DIR-600 router’s microprogramming software is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to enhance their privileges by intercepting authentication requests remotely...

8.3 CVSS, 7.7 AI score, 0.45306 EPSS
Exploits 2, References 4, Affected Software 1
BDU FSTEC
added 2024/04/16 12:0 a.m., 1 view

The vulnerability of the CMS system Netcat, related to the manipulation of inter-site requests, allows a hacker to inject arbitrary JavaScript code.

The vulnerability of the CMS system Netcat is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to inject arbitrary JavaScript code remotely...

7.5 CVSS, 5.6 AI score
Exploits 0, Affected Software 1
BDU FSTEC
added 2024/04/03 12:0 a.m., 1 view

The vulnerability of the Netcat Extra website management system is related to the ability to forge inter-site requests, allowing attackers to circumvent existing security restrictions and enhance their privileges within the system.

The vulnerability of the Netcat Extra website management system is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions and enhance their privileges within the system by sending specially crafted reques...

10 CVSS, 5.4 AI score
Exploits 0, Affected Software 1
BDU FSTEC
added 2024/03/13 12:0 a.m., 2 views

The vulnerability of the IBM Engineering Requirements Management DOORS application, related to the manipulation of inter-site requests, allows a perpetrator to execute arbitrary commands.

The vulnerability of the IBM Engineering Requirements Management DOORS application relates to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands remotely...

7.8 CVSS, 7.2 AI score, 0.00043 EPSS
Exploits 0, References 3, Affected Software 1
BDU FSTEC
added 2024/02/20 12:0 a.m., 2 views

The vulnerability of the microprogramming software of Osprey Pump Controller allows an intruder to execute arbitrary commands.

The vulnerability of the microprogramming software in Osprey Pump Controller controllers relates to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using specially crafted HTTP requests...

7.1 CVSS, 7.8 AI score, 0.00102 EPSS
Exploits 1, References 2, Affected Software 1
BDU FSTEC
added 2023/11/15 12:0 a.m., 2 views

The vulnerability of the modoboa/modoboa mail server, related to the manipulation of inter-site requests, allows attackers to compromise the integrity and accessibility of protected information.

The vulnerability of the modoboa/modoboa mail server is related to the manipulation of inter-site requests. Exploiting this vulnerability allows a malicious actor to compromise the integrity and accessibility of the protected information...

7.8 CVSS, 5.9 AI score, 0.00111 EPSS
Exploits 1, References 3, Affected Software 1