MAL-2025-48244 Malicious code in kpi-media-metrics (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9b3bb2b9c205d4f8a38e5c5272fb0c10f8d0d0f12809f2e0a7b3d95f1ed5a17d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2025-33634
Malicious code in kpi-media-metrics npm...
Malicious code in kpi-media-metrics (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9b3bb2b9c205d4f8a38e5c5272fb0c10f8d0d0f12809f2e0a7b3d95f1ed5a17d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2020-3591
Malware in sbrugna...
EUVD-2020-3627
Malware in sbrugna...
EUVD-2020-3590
Malware in sbrugna...
EUVD-2022-46381
Malicious code in bioql PyPI...
Malicious code in kpi-panel (npm)
The package kpi-panel was found to contain malicious code...
CVE-2022-43342
A stored cross-site scripting (XSS) vulnerability in the Add function of Eramba GRC Software c2.8.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the KPI Title text field...
CVE-2025-3767 SQL Injection in Centreon BAM boolean KPI listing
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Centreon BAM Boolean KPI Listing modules allows SQL Injection. This page is only accessible to authenticated users with high privileges. This issue affects Centreon BAM: from 24.10 before 24.10.1,...
MAL-2025-1746 Malicious code in business-kpi-manager-1.0.0 (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2020-11237
Memory crash when accessing histogram type KPI input received due to lack of check of histogram definition before accessing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile...
MAL-2024-1847 Malicious code in business-kpi-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d40c2ea693da70760733dd3ec3fd7dd594c8c49c6e937ec9699b9ec831cc960e The OpenSSF Package Analysis project identified 'business-kpi-manager' @ 4.0.4 npm as malicious. It is considered malicious because: - The packa...
QSC23 – Qualys Announces a Directional Shift to Measure, Communicate, and Eliminate Cyber Risk with New Platform and Solutions
The 2023 Qualys Security Conference (QSC) started wrapping up on Thursday, November 9th, with two days of new technology announcements, impactful customer use cases, and thought-provoking talks from a host of engaging speakers, including Rachel Wilson, Managing Director at Morgan Stanley, and Frank...
Cross site scripting
A stored cross-site scripting (XSS) vulnerability in the Add function of Eramba GRC Software c2.8.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the KPI Title text field...
PT-2022-26859 · Unknown · Eramba Grc
Name of the Vulnerable Software and Affected Versions: Eramba GRC Software version c2.8.1. Description: A stored cross-site scripting (XSS) issue in the Add function allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the KPI Title text field. This enables...
CVE-2022-28740
aEnrich eHRD Learning Management Key Performance Indicator System 5+ exposes Sensitive Information to an Unauthorized Actor...
CVE-2022-28742
CVE-2022-28742 affects aEnrich eHRD Learning Management Key Performance Indicator System (version 5+). The vulnerability is improper access control: the web application does not validate user sessions on many pages, allowing an unauthenticated attacker to access sensitive functionality. Impact de...