Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Snyk
Snykadded 2022/06/23 9:25 a.m.3 views

Malicious Package

Overview react-ldclient-default-values is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if...

9.8CVSS7AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packagesadded 2022/06/20 7:27 a.m.2 views

Malicious code in react-ldclient-default-values (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eef871476bf59366a51d76d7ffbf882877423325d7e20519ff251254fee606dd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSVadded 2022/06/20 7:27 a.m.4 views

MAL-2022-5653 Malicious code in react-ldclient-default-values (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eef871476bf59366a51d76d7ffbf882877423325d7e20519ff251254fee606dd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
NVD
NVDadded 2020/11/16 4:15 p.m.14 views

CVE-2020-13772

In /ldclient/ldprov.cgi in Ivanti Endpoint Manager through 2020.1.1, an attacker is able to disclose information about the server operating system, local pathnames, and environment variables with no authentication required...

5.3CVSS5.2AI score0.01906EPSS
Exploits1References2
Cvelist
Cvelistadded 2020/11/16 3:24 p.m.10 views

CVE-2020-13772

In /ldclient/ldprov.cgi in Ivanti Endpoint Manager through 2020.1.1, an attacker is able to disclose information about the server operating system, local pathnames, and environment variables with no authentication required...

5.2AI score0.01906EPSS
Exploits1References2
CVE
CVEadded 2020/11/16 3:24 p.m.43 views

CVE-2020-13772

Ivanti Endpoint Manager (up to version 2020.1.1) contains an unauthenticated information-disclosure issue in /ldclient/ldprov.cgi that allows an attacker to reveal server operating system details, local pathnames, and environment variables. Multiple sources (Red Hat, CNVD, CVE records, and ENISA-...

5.3CVSS5.1AI score0.01906EPSS
Exploits1References2Affected Software1
CNNVD
CNNVDadded 2020/11/16 12:0 a.m.5 views

Ivanti Endpoint Manager 安全漏洞

Ivanti Endpoint Manager EPM is a suite of endpoint security managers from Ivanti, USA. An unauthorized access vulnerability exists in Ivanti Endpoint Manager version 2020.1.1 and prior versions, which originates in /ldclient/ldprov.cgi, and can be exploited by an attacker to disclose information...

5.3CVSS6AI score0.01906EPSS
Exploits1References3
Rows per page
Query Builder