287 matches found
CVE-2023-49899 Origin Validation Error in X-Rite MA-T6
An unauthenticated remote attacker can execute any command on the affected device due to not correctly verifying the origin of a communication channel...
CVE-2023-49899
Summary: CVE-2023-49899 affects X-Rite MAT 6 Kohinoor embedded spectrometer software. The root cause is insufficient origin validation/input validation in the communication channel, enabling a remote, unauthenticated attacker to execute commands on the device. Vulnerability details: Affected prod...
CVE-2023-49900
CVE-2023-49900 affects X-Rite MAT 6 Kohinoor embedded spectrophotometer software. The issue is an origin validation error caused by incorrectly sanitized input in the SetParameter command, enabling an unauthenticated remote attacker to achieve remote code execution. The CVSS 3.1 vector is Network...
CVE-2023-49900 Origin Validation Error in X-Rite MA-T6
An unauthenticated remote attacker is able to perform remote code execution due to incorrectly sanitized user input in the SetParameter command...
Malicious code in amplitude-ma-ts (npm)
npm stealer. Hardcoded Discord webhook id 1497047226428690432 in postinstall Folder/bin/S.js. Exfils hostname, whoami, pwd, publicip api.ipify.org, /etc/hosts via Discord embed. v1.0.21 empty placeholder, v1.0.22 shipped payload — name-squat-then-poison. Typosquats @amplitude/ analytics scope...
MAL-2026-3028 Malicious code in amplitude-ma-ts (npm)
npm stealer. Hardcoded Discord webhook id 1497047226428690432 in postinstall Folder/bin/S.js. Exfils hostname, whoami, pwd, publicip api.ipify.org, /etc/hosts via Discord embed. v1.0.21 empty placeholder, v1.0.22 shipped payload — name-squat-then-poison. Typosquats @amplitude/ analytics scope...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: mapletree: Fixed the MASTATEPREALLOC flag in maspreallocate. The preallocation flag is temporarily cleared when explicit requests for allocations are made. Existing allocations are already counted against the request through...
EUVD-2025-143146
Malicious code in buis-manis-ma npm...
EUVD-2025-143255
Malicious code in anita-manhuat-ma npm...
EUVD-2025-140276
Malicious code in miands-ma-nuru npm...
EUVD-2025-143256
Malicious code in anita-manahuddat-ma npm...
EUVD-2025-143254
Malicious code in anita-manuat-ma npm...
Malicious code in anita-manahuddat-ma (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b3de13d54ba9842e6d52f3da49c6c944ccad04b31de8f5a2ad44f9ae82e6955 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-143022
Malicious code in buis-suninna-ma npm...
EUVD-2025-143259
Malicious code in anita-manahudat-ma npm...
EUVD-2025-144454
Malicious code in hereis-ma-ta npm...
EUVD-2025-147276
Malicious code in uaragifa-ma-sauf npm...
EUVD-2025-147273
Malicious code in uaragifa-ma-sayugauf npm...
EUVD-2025-147275
Malicious code in uaragifa-ma-sauuf npm...
EUVD-2025-147270
Malicious code in uaragifa-ma-sfu npm...