
25 matches found

OSSF Malicious Packages
added 2026/05/23 3:34 p.m. | 4 views

Malicious code in hiura-baileys (npm)

Source: amazon-inspector (5ebb60061f29d4f4279bca1129ebfccefb928bd22364f26961205935ff71393f). This is a fork of the Baileys WhatsApp library that adds undocumented behavior abusing the consumer's authenticated WhatsApp account for the author's...

5.8 AI score
Exploits: 0 | References: 3

SUSE CVE
added 2026/05/12 3:52 a.m. | 3 views

SUSE CVE-2025-22242

Worker process denial of service through file read operation. A vulnerability exists in the Master's “pubret” method which is exposed to all minions. The un-sanitized input value “jid” is used to construct a path which is then opened for reading. An attacker could exploit this vulnerability by...

4.4 CVSS | 5.8 AI score | 0.00303 EPSS
Exploits: 0 | References: 23

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2008-2642

Malware in sbrugna...

7.5 CVSS | 6.4 AI score | 0.00462 EPSS
Exploits: 1 | References: 4

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2008-4354

Malware in sbrugna...

7.5 CVSS | 6.4 AI score | 0.00414 EPSS
Exploits: 1 | References: 5

Tenable Nessus
added 2025/09/03 12:00 a.m. | 1 views

Linux Distros Unpatched Vulnerability : CVE-2025-22242

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Worker process denial of service through file read operation. A vulnerability exists in the Master's pubret method which is exposed to all minions. The...

5.6 CVSS | 5.6 AI score | 0.00303 EPSS
Exploits: 0 | References: 2

Snyk
added 2025/06/13 7:43 a.m. | 1 views

Improper Validation of Specified Type of Input

Overview salt is a new approach to infrastructure management built on a dynamic communication bus. Salt can be used for data-driven orchestration, remote execution for any infrastructure, configuration management for any app stack, and much more. Affected versions of this package are vulnerable t...

5.6 CVSS | 7 AI score | 0.00303 EPSS
Exploits: 0 | References: 2

OSV
added 2025/06/13 7:15 a.m. | 0 views

UBUNTU-CVE-2025-22242

Worker process denial of service through file read operation. A vulnerability exists in the Master's “pubret” method which is exposed to all minions. The un-sanitized input value “jid” is used to construct a path which is then opened for reading. An attacker could exploit this vulnerability by...

5.6 CVSS | 5.8 AI score | 0.00303 EPSS
Exploits: 0 | References: 4

CNNVD
added 2024/12/27 12:00 a.m. | 2 views

Code-Projects Job Recruitment Injection Vulnerability

Code-Projects Job Recruitment is an open source job portal from Code-Projects. Code-Projects Job Recruitment version 1.0 has an injection vulnerability that originates from the jid/limit parameter of the /parse/alledits.php file containing a SQL injection vulnerability...

7.5 CVSS | 7.9 AI score | 0.00171 EPSS
Exploits: 1 | References: 5

Fedora
added 2022/07/31 1:37 a.m. | 11 views

[SECURITY] Fedora 36 Update: jid-0.7.6-10.fc36

JSON Incremental Digger is a very simple JSON querying tool. You can drill down JSON interactively by using filtering queries like jq...

2.3 AI score
Exploits: 0

OpenVAS
added 2022/07/18 12:00 a.m. | 9 views

Fedora: Security Advisory for jid (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3 CVSS | 8.9 AI score | 0.00963 EPSS
Exploits: 4 | References: 2

Fedora
added 2022/07/17 1:16 a.m. | 11 views

[SECURITY] Fedora 35 Update: jid-0.7.6-9.fc35

JSON Incremental Digger is a very simple JSON querying tool. You can drill down JSON interactively by using filtering queries like jq...

9.3 CVSS | 2.3 AI score | 0.00963 EPSS
Exploits: 4

OpenVAS
added 2022/07/06 12:00 a.m. | 8 views

Fedora: Security Advisory for jid (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3 CVSS | 8.9 AI score | 0.00963 EPSS
Exploits: 4 | References: 2

Fedora
added 2022/07/04 1:35 a.m. | 16 views

[SECURITY] Fedora 36 Update: jid-0.7.6-9.fc36

JSON Incremental Digger is a very simple JSON querying tool. You can drill down JSON interactively by using filtering queries like jq...

9.3 CVSS | 8.1 AI score | 0.00963 EPSS
Exploits: 4

OSV
added 2015/08/12 2:59 p.m. | 1 views

DEBIAN-CVE-2015-2058

c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows remote authenticated users to read system memory or possibly have other unspecified impact via a crafted JID...

6.5 CVSS | 6.9 AI score | 0.00563 EPSS
Exploits: 0 | References: 1

OSV
added 2015/08/12 2:59 p.m. | 6 views

CVE-2015-2058

c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows remote authenticated users to read system memory or possibly have other unspecified impact via a crafted JID...

6.8 AI score
Exploits: 0 | References: 4

Prion
added 2015/08/12 2:59 p.m. | 8 views

Code injection

c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows remote authenticated users to read system memory or possibly have other unspecified impact via a crafted JID...

6.5 CVSS | 7.1 AI score | 0.00563 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

UbuntuCve
added 2015/08/12 2:59 p.m. | 21 views

CVE-2015-2058

c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows remote authenticated users to read system memory or possibly have other unspecified impact via a crafted JID...

6.5 CVSS | 5.9 AI score | 0.00563 EPSS
Exploits: 0 | References: 1

Cvelist
added 2015/08/12 2:00 p.m. | 16 views

CVE-2015-2058

c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows remote authenticated users to read system memory or possibly have other unspecified impact via a crafted JID...

6.6 AI score | 0.00563 EPSS
Exploits: 0 | References: 4

Debian CVE
added 2015/08/12 2:00 p.m. | 15 views

CVE-2015-2058

c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows remote authenticated users to read system memory or possibly have other unspecified impact via a crafted JID...

6.5 CVSS | 6.6 AI score | 0.00563 EPSS
Exploits: 0

CVE
added 2015/08/12 2:00 p.m. | 43 views

CVE-2015-2058

The CVE-2015-2058 entry concerns Jabber Open Source Server (Jabberd) version 2.3.2 and earlier. The underlying issue is that c2s/c2s.c truncates data without guaranteeing UTF-8 validity, allowing remote authenticated users to read system memory or cause other unspecified impacts via a crafted JID...

6.5 CVSS | 6.8 AI score | 0.00563 EPSS
Exploits: 0 | References: 4 | Affected Software: 1