26 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...
EUVD-2015-5389
Malware in sbrugna...
EUVD-2019-0915
Malware in sbrugna...
EUVD-2019-0918
Malware in sbrugna...
aact-openhands (>=0.0.4 <=0.0.5), aberoth-ephemeris (>=1.0.0 <=1.0.2) +580 more potentially affected by CVE-2024-6844 via flask-cors (>=1.1.2 <=5.0.1)
flask-cors PYPI version =1.1.2, =0.0.4, =1.0.0, =1.8.8, =1.1.4, =0.0.1, =0.0.1, =0.0.4, =0.0.13, =0.1.0, =0.1.1, =0.1.0, =1.1.0, =0.0.1, =0.0.18, =1.0.2, =1.3.0 and more Source cves: CVE-2024-6844 Source advisory: OSV:GHSA-8VGW-P6QM-5GR7...
K23312037: Intel CPU vulnerability CVE-2018-3679
Security Advisory Description Escalation of privilege in Reference UI in Intel Data Center Manager SDK 5.0 and before may allow an unauthorized remote unauthenticated user to potentially execute code via administrator privileges. CVE-2018-3679 Impact There is no impact; F5 products are not affect...
Design/Logic Flaw
Insufficient file protection in install routine for IntelR Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2019-0102
Insufficient session authentication in web server for IntelR Data Center Manager SDK before version 5.0.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access...
Authorization
Insufficient file permissions checking in install routine for IntelR Data Center Manager SDK before version 5.0.2 may allow authenticated user to potentially enable escalation of privilege via local access...
CVE-2019-0104
Insufficient file protection in uninstall routine for IntelR Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access...
Design/Logic Flaw
Insufficient user prompt in install routine for IntelR Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable escalation of privilege via local access...
CVE-2019-0110
Insufficient key management for IntelR Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access...
Authorization
Insufficient file protection in uninstall routine for IntelR Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2019-0112
Improper flow control in crypto routines for IntelR Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable a denial of service via local access...
CVE-2019-0110
CVE-2019-0110 affects Intel Data Center Manager SDK prior to version 5.0.2. The vulnerability is insufficient key management that may allow an authenticated user to cause information disclosure via local access. The CNVD/VCVE lists the issue as a local-access information disclosure with a CVSS v3...
CVE-2019-0102
Insufficient session authentication in web server for IntelR Data Center Manager SDK before version 5.0.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access...
CVE-2019-0103
The CVE-2019-0103 issue affects Intel Data Center Manager SDK prior to 5.0.2. It stems from insufficient file protection in the install routine, enabling an authenticated local attacker to disclose information. Affected product: Intel Data Center Manager SDK (pre-5.0.2). Impact is information dis...
CVE-2019-0105
CVE-2019-0105 affects IntelData Center Manager SDK prior to version 5.0.2. The vulnerability is caused by insufficient file permissions checking in the install routine, which could allow an authenticated user to escalate privileges via local access. The issue is documented across multiple sources...
CVE-2019-0105
Insufficient file permissions checking in install routine for IntelR Data Center Manager SDK before version 5.0.2 may allow authenticated user to potentially enable escalation of privilege via local access...
CVE-2019-0111
Improper file permissions for IntelR Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access...