
148 matches found

OSSF Malicious Packages
added 2026/06/10 11:40 a.m., 10 views

Malicious code in ethers-jss (npm)

Source: ghsa-malware (56bf62c882d62bbb9bacc402f0f25f48e12b878ff454eda013fed56dc61db42e). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.5 AI score
Exploits: 0, References: 1
Snyk
added 2026/06/10 11:40 a.m., 8 views

Malicious Package

Overview: ethers-jss is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8 CVSS, 5.4 AI score
Exploits: 0, References: 2
Tenable Nessus
added 2026/01/16 12:0 a.m., 4 views

MiracleLinux 7 : jss-4.4.6-3.el7_7 (AXSA:2019-4345:04)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-4345:04 advisory. JSS: OCSP policy Leaf and Chain implicitly trusts the root certificate CVE-2019-14823 Tenable has extracted the preceding description block directly from the...

7.4 CVSS, 6.7 AI score, 0.00859 EPSS
Exploits: 1, References: 2
RedhatCVE
added 2026/01/09 11:26 a.m., 7 views

CVE-2021-33575

The Pixar ruby-jss gem before 1.6.0 allows remote attackers to execute arbitrary code because of the Plist gem's documented behavior of using Marshal.load during XML document processing...

9.8 CVSS, 8 AI score, 0.02603 EPSS
Exploits: 0, References: 1
EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2021-2261

Malware in sbrugna...

9.8 CVSS, 9.2 AI score, 0.02603 EPSS
Exploits: 0, References: 7
EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2019-5951

Malware in sbrugna...

7.4 CVSS, 6.6 AI score, 0.00859 EPSS
Exploits: 1, References: 9
EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2020-30800

Malware in sbrugna...

8.7 CVSS, 6.4 AI score, 0.00446 EPSS
Exploits: 0, References: 4
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2022-51497

Malicious code in bioql PyPI...

5.9 CVSS, 6 AI score, 0.00695 EPSS
Exploits: 0, References: 3
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2021-34071

Malicious code in bioql PyPI...

7.5 CVSS, 7.6 AI score, 0.01196 EPSS
Exploits: 0, References: 7
RedhatCVE
added 2025/09/30 10:46 p.m., 15 views

CVE-2025-43813

Possible path traversal vulnerability and denial-of-service in the ComboServlet in Liferay Portal 7.4.0 through 7.4.3.107, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.4, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, 7.3 GA through update 35, and older...

6.9 CVSS, 7.2 AI score, 0.00464 EPSS
Exploits: 0, References: 1
Github Security Blog
added 2025/09/30 12:30 a.m., 24 views

Liferay Portal vulnerable to path traversal and denial-of-service in the ComboServlet

Possible path traversal vulnerability and denial-of-service in the ComboServlet in Liferay Portal 7.4.0 through 7.4.3.107, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.4, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, 7.3 GA through update 35, and older...

8.2 CVSS, 7.2 AI score, 0.00464 EPSS
Exploits: 0, References: 7, Affected Software: 2
OSV
added 2025/09/30 12:30 a.m., 7 views

GHSA-2HM7-R8F3-423H Liferay Portal vulnerable to path traversal and denial-of-service in the ComboServlet

Possible path traversal vulnerability and denial-of-service in the ComboServlet in Liferay Portal 7.4.0 through 7.4.3.107, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.4, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, 7.3 GA through update 35, and older...

6.9 CVSS, 7.2 AI score, 0.00464 EPSS
Exploits: 0, References: 7
Positive Technologies
added 2025/09/30 12:0 a.m., 6 views

PT-2025-40037

Possible path traversal vulnerability and denial-of-service in the ComboServlet in Liferay Portal 7.4.0 through 7.4.3.107, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.4, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, 7.3 GA through update 35, and older...

6.9 CVSS, 7.2 AI score, 0.00464 EPSS
Exploits: 0, References: 8
OSV
added 2025/09/29 11:15 p.m., 6 views

CVE-2025-43813

Possible path traversal vulnerability and denial-of-service in the ComboServlet in Liferay Portal 7.4.0 through 7.4.3.107, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.4, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, 7.3 GA through update 35, and older...

8.2 CVSS, 7.1 AI score, 0.00464 EPSS
Exploits: 0, References: 1
NVD
added 2025/09/29 11:15 p.m., 21 views

CVE-2025-43813

Possible path traversal vulnerability and denial-of-service in the ComboServlet in Liferay Portal 7.4.0 through 7.4.3.107, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.4, 2023.Q3.1 through 2023.Q3.8, 7.4 GA through update 92, 7.3 GA through update 35, and older...

8.2 CVSS, 0.00464 EPSS
Exploits: 0, References: 1
CVE
added 2025/09/29 10:19 p.m., 14 views

CVE-2025-43813

Summary (CVE-2025-43813): Liferay Portal (ComboServlet) is vulnerable to path traversal in affected versions (Portal 7.4.0–7.4.3.107, older unsupported; Liferay DXP 2023.Q3/Q4 series; related 7.4/7.3 GA updates). The flaw allows remote attackers to access arbitrary CSS/JS files and load them rep...

8.2 CVSS, 6.8 AI score, 0.00464 EPSS
Exploits: 0, References: 1, Affected Software: 2
CNNVD
added 2025/09/29 12:0 a.m., 2 views

Liferay Portal and Liferay DXP path traversal vulnerability

Liferay Portal and Liferay DXP are both products of Liferay, Inc. Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

8.2 CVSS, 6.7 AI score, 0.00464 EPSS
Exploits: 0, References: 1
RedhatCVE
added 2025/07/27 4:14 p.m., 8 views

CVE-2020-36850

An information disclosure vulnerability exists in Sitecore JSS React Sample Application 11.0.0 - 14.0.1 that may cause page content intended for one user to be shown to another user...

8.7 CVSS, 6.1 AI score, 0.00446 EPSS
Exploits: 0, References: 1
NVD
added 2025/07/25 4:15 p.m., 4 views

CVE-2020-36850

An information disclosure vulnerability exists in Sitecore JSS React Sample Application 11.0.0 - 14.0.1 that may cause page content intended for one user to be shown to another user...

8.7 CVSS, 0.00446 EPSS
Exploits: 0, References: 3
CVE
added 2025/07/25 3:54 p.m., 17 views

CVE-2020-36850

CVE-2020-36850 affects Sitecore JSS React Sample Application versions 11.0.0 through 14.0.1, with an information-disclosure flaw that may cause page content intended for one user to be shown to another user. The connected sources consistently describe a cross-user data exposure but do not provide...

8.7 CVSS, 6 AI score, 0.00446 EPSS
Exploits: 0, References: 3