4 matches found
GHSA-GMMV-4CC5-WR9R SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIs
Summary SiYuan publish-mode Reader can mutate Conf and SQL index via 8 ungated APIs POST /api/graph/getGraph, POST /api/graph/getLocalGraph, POST /api/sync/setSyncInterval, POST /api/storage/updateRecentDocViewTime, POST /api/storage/updateRecentDocCloseTime, POST...
Malicious code in namei-mla-abunubuiau (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c715bf67d8c4af083c124f69f0b9ece2c1bcd7a8967a4a7b15d5086526ce5dab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in fatidra-nutay-tatu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 70eef2c4ae797950672c0b8ac90a6ea07ffcab5027135e457358708b59fe1504 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hanafi-kupat50-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68934e5556ed9a34acc93e5b9bb5b460f140d8bb35986cca0c3461f193c964db This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...