Lucene search
+L

229 matches found

EUVD
EUVD
added 2025/11/24 10:9 p.m.7 views

EUVD-2025-199043

Malicious code in react-native-log-level npm...

6.6AI score
Exploits0References4
OSV
OSV
added 2025/11/24 10:9 p.m.11 views

MAL-2025-191000 Malicious code in react-native-log-level (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24d9b4b32f8ecb8d86fe3786c14e216538d2d25e1e3257627f186495dedaf9b1 The package react-native-log-level was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References4
Snyk
Snyk
added 2025/11/24 4:24 p.m.4 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
vulnersOsv
vulnersOsv
added 2025/11/24 4:24 p.m.11 views

module-mobile-js (>=1.3.8 <=1.4.0), react-native-iris-sdk (>=3.3.16 <=3.3.31) potentially affected by unknown CVE via react-native-log-level (=1.2.0)

react-native-log-level NPM version =1.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on react-native-log-level and may be impacted: - module-mobile-js =1.3.8, =3.3.16, =3.3.31 Source cves: unknown CVE Source advisory:...

5.8AI score
Exploits0
Vulnrichment
Vulnrichment
added 2025/10/31 8:48 a.m.3 views

CVE-2025-62232 Apache APISIX: basic-auth logs plaintext credentials at info level

Sensitive data exposure via logging in basic-auth leads to plaintext usernames and passwords written to error logs and forwarded to log sinks when log level is INFO/DEBUG. This creates a high risk of credential compromise through log access. It has been fixed in the following commit: ...

6.5AI score0.00434EPSS
Exploits0References1
OSV
OSV
added 2025/10/31 8:48 a.m.8 views

CVE-2025-62232 Apache APISIX: basic-auth logs plaintext credentials at info level

Sensitive data exposure via logging in basic-auth leads to plaintext usernames and passwords written to error logs and forwarded to log sinks when log level is INFO/DEBUG. This creates a high risk of credential compromise through log access. It has been fixed in the following commit: ...

7.5CVSS5.8AI score0.00434EPSS
Exploits0References4
CVE
CVE
added 2025/10/07 3:19 p.m.18 views

CVE-2023-53639

Technical details about CVE-2023-53639 are not publicly provided in the supplied documents. Monitor for updates from vendors and security advisories to obtain affected products, versions, and remediation information.

5.5CVSS6.2AI score0.00149EPSS
Exploits0References9Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-2229

Malware in sbrugna...

6.5CVSS5.4AI score0.00992EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-2002

Malware in sbrugna...

4.1CVSS4.5AI score0.021EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-4936

Malware in sbrugna...

2.1CVSS6.4AI score0.00345EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-1435

Malware in sbrugna...

6.5CVSS6.4AI score0.00829EPSS
Exploits0References10
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-5976

Malware in sbrugna...

6.5CVSS5.4AI score0.00799EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-2836

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.01212EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-36558

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00563EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-53818

Malicious code in bioql PyPI...

6.8CVSS6.6AI score0.00594EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-14907

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with log level = 3 or above then the...

6.5CVSS6.5AI score0.03151EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2020-8565

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs a...

5.5CVSS6.5AI score0.00512EPSS
Exploits0References2
Veracode
Veracode
added 2025/05/30 6:30 p.m.5 views

Sensitive Information Disclosure

github.com/edgelesssys/contrast is vulnerable to information disclosure. The vulnerability is due to improper logging configuration due to secrets being written to stderr and Kubernetes logs when the log level is set to info or debug, which is the default...

6.7AI score
Exploits0
Snyk
Snyk
added 2025/05/28 2:40 p.m.1 views

Insertion of Sensitive Information into Log File

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File due to the logging configuration. An attacker can access sensitive information by exploiting the log output when the log level is set to info or debug. This is only exploitable if the...

8.5CVSS6.7AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2025/05/28 2:40 p.m.12 views

Contrast workload secrets leak to logs on INFO level

Impact When the Contrast initializer is configured with a CONTRASTLOGLEVEL of info or debug, the workload secret is logged to stderr and written to Kubernetes logs. Since info is the default setting, this affects all Contrast installations that don't customize their initializers' log level. The...

6.7AI score
Exploits0References2Affected Software1
Rows per page
Query Builder