22 matches found
EUVD-2019-10367
Malware in sbrugna...
CVE-2025-2903
An attacker with knowledge of creating user accounts during VM deployment on Google Cloud Platform GCP using the OS Login feature, can login via SSH gaining command-line control of the operating system. This allows an attacker to gain access to sensitive data stored on the VM, install malicious...
MAL-2024-8717 Malicious code in dowload_ebok_todas_as_sextas_by_paola_carosella_uz4x6 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7fc256bc2ec352c5c3f508243cd7ca95fcc61510287dc1dc8a687cc12f6ec9f1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
GHSA-G872-JWWR-VGGM Admidio Vulnerable to RCE via Arbitrary File Upload in Message Attachment
Description: Remote Code Execution Vulnerability has been identified in the Message module of the Admidio Application, where it is possible to upload a PHP file in the attachment. The uploaded file can be accessed publicly through the URL admidiobaseurl/admmyfiles/messagesattachments/filename. Th...
MAL-2024-1506 Malicious code in command-injection-avi (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e54fd75c755589d5d22d320040508b52efe2fbce858fb0d335c391c2de86df60 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-880 Malicious code in wlwz-2312-7808 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 150bf82e31ac0ddbdcfdacf8e75ed3a3bc34e68b57b64427c76ef4e231f75746 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-686 Malicious code in wlwz-2312-5703 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1434c6dd4455b9791bf643c6f18857365bc27cba49db6eab7ef8da51a7f7154f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8707 Malicious code in arrays-string (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 058ca280756e331336b85903607b74f86355c7e7d889a956dc9a904f6e2c5485 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-284 Malicious code in dow-load-the-viscount-who-loved-me-bridgertons-2-by-julia-quinn-on-textbook-full-version- (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7cb988658f2f56da926a1098d170afd2e1e17a12e9e03a418ba6022f093149d3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-730 Malicious code in react-onei (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 837ceaa824fe4087f1b965f397072bb8bec0a54c59997c5b9a422ba7a7ca1734 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-117 Malicious code in azure-sdk-fly (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ab63a2e65735bf69a56d323b1f5f75f5a931d4eed13e9fd4468e38047adb773a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3903 Malicious code in internallib_v678 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fad5eff255e4aa8537a898867d022aa72241f3cc26872cb77e10c6c3c1b412ae Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-4121 Malicious code in kauram (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c882c42c2ab8206b021d14126d2602149e73105490a622c4594a7f78b7b8c45c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-4332 Malicious code in lmigzpkowdysbqaj (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ee494d8a4fca2c7d6e9c49880e5f58dae59f93fd9deb6cb055a6ec6362033371 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-2607 Malicious code in duckduckhack.com (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0052ff314b9a16d3e634bfd02296d99e2d3dccd151fc048b3b569b41f84d5185 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1458 Malicious code in bankin_thechnical (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 47c5b9ca3265186bc02f0413021b60dd2ca80f76b0a2cb0fccd974a6e55c8e2e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-2135 Malicious code in communication-identity (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 043102eb41f56cdbe3a8bd01534ea2c7994b0f9c0992a500a7e2dfca313de3b1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6546 Malicious code in theme-whale-light (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c40def8d41c4b7ebb0169b850854b2a3cbdbd547e0e5e4ab2294ecf310c1b471 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains
On Nov. 23, one of the cybercrime underground's largest bazaars for buying and selling stolen payment card data announced the immediate availability of some four million freshly-hacked debit and credit cards. KrebsOnSecurity has learned this latest batch of cards was siphoned from four different...
Mozilla Firefox 3.5/3.6未明远程代码执行漏洞
Bugtraq ID: 44425 Mozilla Firefox是一款开放源代码的WEB浏览器。 Mozilla Firefox存在一个未明安全漏洞,允许攻击者以应用程序安全上下文执行任意代码。 之前如果用户使用Firefox 3.5或3.6访问诺贝尔站点,恶意程序就会没有任何警告的情况下安装在用户电脑上。 恶意软件链接两个Internet地址,都指向台湾的服务器。 Mozilla Firefox 3.6.10 Mozilla Firefox 3.6.9 Mozilla Firefox 3.6.8 Mozilla Firefox 3.6.6 Mozilla Firefox 3.6.4...