MAL-2025-192566 Malicious code in shopify-monorail (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aef2f1cf1e314cd9c5336d39ab49f2906fba52d48adadeed13adb5cf4104aa6d The package shopify-monorail was found to contain malicious code. Source: ghsa-malware fedb52b0658528a4cece77bf4ef96fff3b11449dbd45c44084d4308b1e4e3f...

Malicious code in shopify-monorail (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aef2f1cf1e314cd9c5336d39ab49f2906fba52d48adadeed13adb5cf4104aa6d The package shopify-monorail was found to contain malicious code. Source: ghsa-malware fedb52b0658528a4cece77bf4ef96fff3b11449dbd45c44084d4308b1e4e3f...

EUVD-2025-203047

Malicious code in shopify-monorail npm...

EUVD-2018-11032

Malware in sbrugna...

EUVD-2018-2178

Malware in sbrugna...

Malicious code in npm_package_dependencies__shopify_monorail (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-2772 Malicious code in npm_package_dependencies__shopify_monorail (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in react-monorail-next (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2f0a9004be0e59dea57780bc6d6ecf6d8d2cced159161b7b13030c87592bfb0a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-5654 Malicious code in react-monorail-next (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2f0a9004be0e59dea57780bc6d6ecf6d8d2cced159161b7b13030c87592bfb0a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

php:php-fuzz-mbstring: Heap-use-after-free in quantifiers_memory_node_info

Detailed Report: https://oss-fuzz.com/testcase?key=5672130576646144 Project: php Fuzzing Engine: libFuzzer Fuzz Target: php-fuzz-mbstring Job Type: libfuzzerasani386php Platform Id: linux Crash Type: Heap-use-after-free READ 4 Crash Address: 0xf5239f80 Crash State: quantifiersmemorynodeinfo...

llvm:clang-fuzzer: Segv on unknown address in clang::LookupResult::sanity

Detailed Report: https://oss-fuzz.com/testcase?key=4872329519955968 Project: llvm Fuzzing Engine: libFuzzer Fuzz Target: clang-fuzzer Job Type: libfuzzermsanllvm Platform Id: linux Crash Type: Segv on unknown address Crash Address: Crash State: clang::LookupResult::sanity...

llvm:clang-fuzzer: Segv on unknown address in clang::Parser::tryParseCXXIdExpression

Detailed Report: https://oss-fuzz.com/testcase?key=5730465248182272 Project: llvm Fuzzing Engine: libFuzzer Fuzz Target: clang-fuzzer Job Type: libfuzzermsanllvm Platform Id: linux Crash Type: Segv on unknown address Crash Address: Crash State: clang::Parser::tryParseCXXIdExpression...

llvm:clang-fuzzer: Segv on unknown address in clang::Decl::AccessDeclContextSanity

Detailed Report: https://oss-fuzz.com/testcase?key=5644750535524352 Project: llvm Fuzzing Engine: libFuzzer Fuzz Target: clang-fuzzer Job Type: libfuzzermsanllvm Platform Id: linux Crash Type: Segv on unknown address Crash Address: Crash State: clang::Decl::AccessDeclContextSanity LookupDirect...

llvm:clang-objc-fuzzer: Heap-use-after-free in clang::TokenLexer::Lex

Detailed Report: https://oss-fuzz.com/testcase?key=5647561683107840 Project: llvm Fuzzing Engine: libFuzzer Fuzz Target: clang-objc-fuzzer Job Type: libfuzzerasanllvm Platform Id: linux Crash Type: Heap-use-after-free READ Crash Address: 0x634000002840 Crash State: clang::TokenLexer::Lex...

binutils:fuzz_disassemble: Stack-buffer-overflow in get_indirect_operand

Detailed Report: https://oss-fuzz.com/testcase?key=5663912053178368 Project: binutils Fuzzing Engine: afl Fuzz Target: fuzzdisassemble Job Type: aflasanbinutils Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 1 Crash Address: 0x7f4f3e03ae5a Crash State: getindirectoperand printtwoopera...

CVE-2018-19335

Google Monorail before 2018-06-07 has a Cross-Site Search XS-Search vulnerability because CSV downloads are affected by CSRF, and calculations of download times for requests with a crafted groupby value can be used to obtain sensitive information about the content of bug reports...

CVE-2018-19335

Google Monorail before 2018-06-07 has a Cross-Site Search XS-Search vulnerability because CSV downloads are affected by CSRF, and calculations of download times for requests with a crafted groupby value can be used to obtain sensitive information about the content of bug reports...

CVE-2018-19334

Google Monorail before 2018-05-04 has a Cross-Site Search XS-Search vulnerability because CSV downloads are affected by CSRF, and calculations of download times for requests with an unsupported axis can be used to obtain sensitive information about the content of bug reports...

CVE-2018-19334

Google Monorail before 2018-05-04 has a Cross-Site Search XS-Search vulnerability because CSV downloads are affected by CSRF, and calculations of download times for requests with an unsupported axis can be used to obtain sensitive information about the content of bug reports...

CVE-2018-10099

Google Monorail before 2018-04-04 has a Cross-Site Search XS-Search vulnerability because CSV downloads are affected by CSRF, and calculations of download times for requests with duplicated columns can be used to obtain sensitive information about the content of bug reports...