338 matches found
CVE-2023-54352
WordPress Seotheme contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by uploading malicious files to the theme directory. Attackers can access the uploaded PHP shell at /wp-content/themes/seotheme/mar.php to execute system commands...
EUVD-2023-60583
WordPress Seotheme contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by uploading malicious files to the theme directory. Attackers can access the uploaded PHP shell at /wp-content/themes/seotheme/mar.php to execute system commands...
CVE-2023-54352
The CVE-2023-54352 entry concerns WordPress Seotheme, where unauthenticated attackers can trigger remote code execution by uploading malicious files to the theme directory. The attack enables access to a PHP shell at /wp-content/themes/seotheme/mar.php to run system commands and upload additional...
PT-2026-39659
Zen is a firefox-based browser. Prior to 1.19.9b, Zen Browser ships a Mozilla Application Resource MAR updater org.mozilla.updater that has had all MAR signature verification stripped from the Firefox codebase it was forked from. The MAR files served to users contain zero cryptographic signatures...
CVE-2026-21023
Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application...
CVE-2026-28364
In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization runtime/intern.c enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock function, which performs unbounded memcpy operation...
CVE-2025-15555 Open5GS VoLTE Cx-Test hss-cx-path.c hss_ogs_diam_cx_mar_cb stack-based overflow
A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function hssogsdiamcxmarcb of the file src/hss/hss-cx-path.c of the component VoLTE Cx-Test. The manipulation of the argument OGSKEYLEN results in stack-based buffer overflow. The attack may be...
Mozilla Firefox ESR < 60.2
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 60.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-21 advisory. - A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by...
EUVD-2025-139060
Malicious code in nuyar-mar-aifo npm...
Malicious code in nuyar-mar-afad (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbb265f7dde2b192e246d6023e4c6c8fec9cec781ecc92eb74957039582f95b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-139057
Malicious code in nuyar-mar-aiforxa npm...
EUVD-2025-139068
Malicious code in nuyar-mar-af npm...
EUVD-2025-139064
Malicious code in nuyar-mar-afadaff npm...
EUVD-2025-139063
Malicious code in nuyar-mar-afadaffn npm...
EUVD-2025-139061
Malicious code in nuyar-mar-aif npm...
EUVD-2025-139059
Malicious code in nuyar-mar-aifor npm...
Malicious code in nuyar-mar-aifo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3823c5f7c1e6f9d8b6c98da2115dd033dd0a0f8e80263d69b67f8939e873b2a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-139067
Malicious code in nuyar-mar-afa npm...
EUVD-2025-139062
Malicious code in nuyar-mar-afadf npm...
Malicious code in nuyar-mar-aiforx (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a00cad89bca29ca05edad38de0d804751f827d6d04c6e3b19e98058f9b1691ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...