EUVD-2025-124243

Malicious code in npm-event-socketio-pavo npm...

Malicious code in client-connector-socket.io (npm)

The package client-connector-socket.io was found to contain malicious code...

Security Bulletin: IBM Maximo Application Suite uses k82.io package which is vulnerable to CVE-2019-11250, CVE-2020-8565, CVE-2019-11253.

Summary IBM Maximo Application Suite uses k82.io package which is vulnerable to CVE-2019-11250, CVE-2020-8565, CVE-2019-11253. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2019-11250 DESCRIPTION: Kubernetes could allow a local...

Malicious code in foxy.io-serverless-functions-on-netlify-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 31fcc1352ebaac1135e5fad045763c61fc9666c1968dbd91fe87951dd50882ea Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in xendke-io (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 08c5500b7eef8bfb2a53d208d318fb9bd090cb1f6b7faa85f4238b4577a95579 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution Exploit

Exploit for multiple platform in category web applications Exploit Title: INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution Exploit Author: Patrick Hener, SySS GmbH Many credits go to Dr. Benjamin Heß, SySS GmbH for helping with php oddities and the powershell payload Advisory:...