492 matches found
CVE-2026-45368
Kirby CMS is affected in versions prior to 4.9.1 and 5.4.1 by an XSS in URL handling for several first‑party renderers that emit : the (link: …) KirbyTag, the link parameter of (image: …), the image block's link field, and the HTML importer for blocks. The underlying issue does not filter dangero...
Malicious code in express-mocha-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 01d87351be0d9f68d73ec05867e55fe5712d4885fa76c70c5ec9b003ef512825 [email protected] declares a postinstall lifecycle hook that loads the package's main module, which calls fetch against an anonymous...
Malicious code in buildkite-test-collector-mocha-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37fbbae0cc3cfcba7b18566c1ab1f61417b1776206c3d0317956058c43ef61fa The package buildkite-test-collector-mocha-example was found to contain malicious code...
CVE-2020-36995
Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the user configuration input. Attackers can overwrite the 'User' field with 350 bytes of repeated characters to trigger an application crash and prevent normal...
CVE-2020-36995
Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the user configuration input. Attackers can overwrite the 'User' field with 350 bytes of repeated characters to trigger an application crash and prevent normal...
CVE-2020-36995
CVE-2020-36995 affects Mocha Telnet Lite for iOS 4.2. The vulnerability is a denial-of-service through user configuration input: an attacker can overwrite the 'User' field with 350 repeated characters to crash the app, leading to loss of normal functionality. The affected software/component is iO...
EUVD-2020-30914
Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the user configuration input. Attackers can overwrite the 'User' field with 350 bytes of repeated characters to trigger an application crash and prevent normal...
CVE-2020-36995 Mocha Telnet Lite for iOS 4.2 - 'User' Denial of Service
Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the user configuration input. Attackers can overwrite the 'User' field with 350 bytes of repeated characters to trigger an application crash and prevent normal...
CVE-2020-36995 Mocha Telnet Lite for iOS 4.2 - 'User' Denial of Service
Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the user configuration input. Attackers can overwrite the 'User' field with 350 bytes of repeated characters to trigger an application crash and prevent normal...
Mocha Telnet Lite security vulnerabilities
Mocha Telnet Lite is an open-source terminal emulation tool developed by Mocha. Version 4.2 of Mocha Telnet Lite contains a security vulnerability, which stems from improper handling of user configuration inputs, potentially leading to application crashes...
PT-2026-5273
Mocha Telnet Lite for iOS 4.2 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the user configuration input. Attackers can overwrite the 'User' field with 350 bytes of repeated characters to trigger an application crash and prevent normal...
EUVD-2025-176023
Malicious code in telesto-dotenv-safe-webdriver-mocha-jwt npm...
EUVD-2025-175601
Malicious code in webdriver-mocha-scripts-hadron-augmentedreality npm...
EUVD-2025-175388
Malicious code in zooarchaeology-mocha-markdown-neptunology npm...
EUVD-2025-176370
Malicious code in singularitarianism-interferometry-cryovolcano-mocha npm...
Malicious code in biosignature-install-mocha-vortex (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3e28139bf17900b26cfd1c36852cba7aaacebbeb146e4be1d8cbfd36b811698 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-175605
Malicious code in webdriver-mocha-electron-cache-dione npm...
EUVD-2025-180289
Malicious code in astroinformatics-accretion-dysonswarm-mocha npm...
EUVD-2025-176653
Malicious code in restart-warp-webdriver-mocha-sync npm...
EUVD-2025-178269
Malicious code in jovian-postgres-webdriver-mocha-await npm...