Malicious code in cheerio-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d51a2885f4eaff732d1ef7ab065b04d21c59263b1212d5b92b92c87914ef879 cheerio-tool typosquats the popular cheerio HTML parser README claims 'Cheerio Tool utility helpers', keywords are 'lodash','utilities', and index.js...

CVE-2024-45712

SolarWinds Serv-U is vulnerable to a client-side cross-site scripting XSS vulnerability. The vulnerability can only be performed by an authenticated account, on the local machine, from the local browser session. Therefore the risk is very low...

PT-2025-1203 · Sap · Sap Netweaver Application Server Abap

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server ABAP affected versions not specified Description: The issue concerns applications based on SAP GUI for HTML in SAP NetWeaver Application Server ABAP, which store user input in the local browser storage to...

CVE-2023-36463 Cross site scripting (XSS) in meldekarten generator

Meldekarten generator is an open source project to create a program, running locally in the browser without the need for an internet-connection, to create, store and print registration cards for volunteers. All text fields on the webpage are vulnerable to XSS attacks. The user input isn't fully...

SUSE CVE-2022-22757

Remote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have allowed websites to connect back locally to the user's browser to control it. This bug only affected Firefox when WebDriver was enabled, which is not the default configuration.. This vulnerability affect...

MAL-2023-2452 Malicious code in yfinacne (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 83f90f1335de6525d7c34d7d1fe32c807964daff9ce061822f0e18a96ab4bf66 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

MAL-2023-1721 Malicious code in cryptocompae (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 1f96db8a11352eb1672bf334796a7f50903eaf34d76696d3840c568f12092e9f Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

MAL-2023-1840 Malicious code in freqtradde (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 365f5fc00d47654f001fec8fd784ce03d76e6e2e9e2fed0718087e927fe9d6d9 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

CVE-2019-17633

For Eclipse Che versions 6.16 to 7.3.0, with both authentication and TLS disabled, visiting a malicious web site could trigger the start of an arbitrary Che workspace. Che with no authentication and no TLS is not usually deployed on a public network but is often used for local installations e.g. ...

CVE-2016-2972

IBM Sametime Meeting Server 8.5.2 and 9.0 could store credentials of the Sametime Meetings user in the local cache of their browser which could be accessed by a local user. IBM X-Force ID: 113855...

Orion Browser Dumper v1.0 released

Orion Browser Dumper v1.0 released Jean-Pierre LESUEUR DarkCoderSc releases another Browser Forensic tool for Community called "Orion Browser Dumper v1.0". This software is an advanced local browser history extractor dumper, in less than few seconds like for Browser Forensic Tool it will extract...

Encipher It : Easiest Browser based Advanced Encryption Tools [Video Demonstration]

Encipher It : Easiest Browser based Advanced Encryption Tools Video Demonstration "Encipher It" One of the best and easiest AES Text encryptor for Google Mail or anything else. It Provide more secure PBKDF2 Password-Based Key Derivation Function key generation. It use Advanced Encryption Standard...