CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6eb27e83eb0a7173dd90b363a23376ca48d36d160d9dd55631f984b5e4f0f30e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score

Exploits0References1

OSSF Malicious Packages•added 2022/06/20 8:24 p.m.•2 views

Malicious code in mns-core-dev (npm)

6.9AI score

Exploits0References1

OSSF Malicious Packages•added 2022/06/20 8:24 p.m.•2 views

Malicious code in mns-core-ui-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dfae95502688907056860c2af741673e1eeccd248dcc866c008b8458933304bc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References1

OSV•added 2022/06/20 8:24 p.m.•5 views

MAL-2022-4648 Malicious code in mns-core-ui-dev (npm)

7AI score

Exploits0References1

OSSF Malicious Packages•added 2022/06/20 8:24 p.m.•2 views

Malicious code in eslint-config-mns-core1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9def80bbc9489f3b157528623294ac38a54a62994e8e52c6e751ca5682a4f997 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References1

OSSF Malicious Packages•added 2022/06/20 8:24 p.m.•2 views

Malicious code in mns-core-dockerr (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a586568cb282b668c838241bfccb56ee537c1e7edea5a80dc74dfcfa95171c98 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References1

Snyk•added 2020/04/17 12:0 a.m.•1 views

Malicious Package

Overview aliyun-mns is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using aliyun-mns...

8CVSS6.9AI score

Exploits0References2

NVD•added 2015/08/04 1:59 a.m.•12 views

CVE-2015-3961

The web-server component in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches allows remote authenticated users to cause a denial of service memory corruption and reboot via a crafted URL...

3.5CVSS6.3AI score0.00576EPSS

Exploits0References3

NVD•added 2015/08/04 1:59 a.m.•12 views

CVE-2015-3960

The firmware in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches uses hardcoded RSA private keys and certificates across different customers' installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms for HTTPS sessions by...

4.3CVSS6.7AI score0.0044EPSS

Exploits0References3

NVD•added 2015/08/04 1:59 a.m.•13 views

CVE-2015-3942

Multiple cross-site scripting XSS vulnerabilities in the web-server component in MNS before 4.5.6 on Belden GarrettCom Magnum 6K and Magnum 10K switches allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.8AI score0.00797EPSS

Exploits0References3