723 matches found
EUVD-2008-5240
Malware in sbrugna...
EUVD-2023-38203
Malicious code in bioql PyPI...
MAL-2025-47111 Malicious code in @corp-ais/mychannel-shared-libs (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c5f0e8cfbe80a4f93fca6e505e8d783eb28bae0448cb594f0affede6c773532f Any computer that has this package installed or running should be considered...
appRain CMF cross-site scripting vulnerability (CNVD-2025-21115)
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input in the /apprain/developer/addons/update/baselibs endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...
CVE-2025-41050
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAddonlayouts' and 'dataAddonlayoutsexcept' parameters in /apprain/developer/addons/update/baselibs...
CVE-2025-41050 Stored Cross-Site Scripting vulnerability in appRain CMF
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAddonlayouts' and 'dataAddonlayoutsexcept' parameters in /apprain/developer/addons/update/baselibs...
appRain CMF cross-site scripting vulnerability
appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user input in the /apprain/developer/addons/update/baselibs endpoint. An attacker could use this vulnerability to steal the victim's cookie-based authentication...
org.webjars.npm:crypto-browserify (>=3.2.6 <=3.2.8), org.webjars.npm:node-libs-browser (>=0.5.2 <=0.5.3) +1 more potentially affected by CVE-2025-9288 via org.webjars.npm:sha.js (>=2.2.6 <=2.3.6)
org.webjars.npm:sha.js MAVEN version =2.2.6, =3.2.6, =0.5.2, =0.5.3 - org.webjars.npm:shasum =1.0.1 Source cves: CVE-2025-9288 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-12089401...
Malicious code in dds-ddw_spa_libs_primeng (npm)
The package dds-ddw_spa_libs_primeng was found to contain malicious code...
Malicious code in @solanas-libs/check-balance (npm)
The package @solanas-libs/check-balance was found to contain malicious code...
Malicious code in @zalastax/nolb-lion-libs (npm)
The package @zalastax/nolb-lion-libs was found to contain malicious code...
Malicious code in linux-libs (npm)
The package linux-libs was found to contain malicious code...
MAL-2025-12219 Malicious code in @zalastax/nolb-lion-libs (npm)
The package @zalastax/nolb-lion-libs was found to contain malicious code...
MAL-2025-9331 Malicious code in @solanas-libs/check-balance (npm)
The package @solanas-libs/check-balance was found to contain malicious code...
MAL-2025-25413 Malicious code in linux-libs (npm)
The package linux-libs was found to contain malicious code...
Malicious code in lynx-libs-mono (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7dcde725ba12b559bfd1e62b8d6058ced4b0a5ed11b9f168f8f6f576b42ef801 The OpenSSF Package Analysis project identified 'lynx-libs-mono' @ 1.0.10 npm as malicious. It is considered malicious because: - The package...
MAL-2025-6796 Malicious code in lynx-libs-mono (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7dcde725ba12b559bfd1e62b8d6058ced4b0a5ed11b9f168f8f6f576b42ef801 The OpenSSF Package Analysis project identified 'lynx-libs-mono' @ 1.0.10 npm as malicious. It is considered malicious because: - The package...
CVE-2025-40776
A named caching resolver that is configured to send ECS (EDNS Client Subnet) options may be vulnerable to a cache-poisoning attack. This issue affects BIND 9 versions 9.11.3-S1 through 9.16.50-S1, 9.18.11-S1 through 9.18.37-S1, and 9.20.9-S1 through 9.20.10-S1...
Oracle OpenJDK 8.x - 11.x Vulnerability (Jul 2025)
Oracle OpenJDK is prone to a vulnerability in the core-libs/javax.script component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
[SECURITY] Fedora 42 Update: python3.11-3.11.13-1.fc42
Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...