26 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released on NPM. They contain malicious code, and its content was NOT yet...
EUVD-2015-5389
Malware in sbrugna...
EUVD-2019-0915
Malware in sbrugna...
EUVD-2019-0918
Malware in sbrugna...
aact-openhands (>=0.0.4 <=0.0.5), aberoth-ephemeris (>=1.0.0 <=1.0.2) +578 more potentially affected by CVE-2024-6844 via flask-cors (>=1.1.2 <=5.0.1)
flask-cors PYPI version =1.1.2, =0.0.4, =1.0.0, =1.8.8, =1.1.4, =0.0.1, =0.0.1, =0.0.4, =0.0.13, =0.1.0, =0.1.1, =0.1.0, =1.1.0, =0.0.1, =0.0.18, =1.0.2, =1.3.0 and more Source cves: CVE-2024-6844 Source advisory: OSV:GHSA-8VGW-P6QM-5GR7...
K23312037: Intel CPU vulnerability CVE-2018-3679
Security Advisory Description Escalation of privilege in Reference UI in Intel Data Center Manager SDK 5.0 and before may allow an unauthorized remote unauthenticated user to potentially execute code via administrator privileges. CVE-2018-3679 Impact There is no impact; F5 products are not affect...
Authorization
Insufficient file protection in uninstall routine for IntelR Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access...
Design/Logic Flaw
Insufficient user prompt in install routine for IntelR Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable escalation of privilege via local access...
Authorization
Insufficient file permissions checking in install routine for IntelR Data Center Manager SDK before version 5.0.2 may allow authenticated user to potentially enable escalation of privilege via local access...
CVE-2019-0102
Insufficient session authentication in web server for IntelR Data Center Manager SDK before version 5.0.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access...
CVE-2019-0112
Improper flow control in crypto routines for IntelR Data Center Manager SDK before version 5.0.2 may allow a privileged user to potentially enable a denial of service via local access...
CVE-2019-0104
Insufficient file protection in uninstall routine for IntelR Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2019-0110
Insufficient key management for IntelR Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access...
Design/Logic Flaw
Insufficient file protection in install routine for IntelR Data Center Manager SDK before version 5.0.2 may allow an authenticated user to potentially enable information disclosure via local access...
CVE-2019-0102
Insufficient session authentication in web server for IntelR Data Center Manager SDK before version 5.0.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access...
CVE-2019-0111
The CVE-2019-0111 issue affects Intel® Data Center Manager SDK prior to version 5.0.2. According to connected sources (ICSA-19-050-01 and Intel advisory INTEL-SA-00215), it is a local information disclosure vulnerability caused by improper file permissions in the SDK’s install/login paths, exploi...
CVE-2019-0102
CVE-2019-0102 affects Intel Data Center Manager SDK before version 5.0.2. The flaw is insufficient session authentication in the web server, allowing an unauthenticated user to potentially escalate privileges via network access. CVSS v3 base score 8.8 (vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H...
CVE-2019-0105
CVE-2019-0105 affects IntelData Center Manager SDK prior to version 5.0.2. The vulnerability is caused by insufficient file permissions checking in the install routine, which could allow an authenticated user to escalate privileges via local access. The issue is documented across multiple sources...
CVE-2019-0104
CVE-2019-0104 affects Intel Data Center Manager SDK prior to 5.0.2. The issue is insufficient file protection in the uninstall routine, potentially enabling information disclosure via local access by an authenticated user. Reported under Intel advisory INTEL-SA-00215 and corroborated by multiple ...
CVE-2019-0103
The CVE-2019-0103 issue affects Intel Data Center Manager SDK prior to 5.0.2. It stems from insufficient file protection in the install routine, enabling an authenticated local attacker to disclose information. Affected product: Intel Data Center Manager SDK (pre-5.0.2). Impact is information dis...