Malicious code in weavedb-console (npm)
Source: amazon-inspector 9cb1233d729c7aefcbe9024196bb4af52f78854aa5ed7f46afb4fa9cd59918c1 package.json declares "preinstall": "./src/compiler/native", which auto-executes a 976 KB stripped Linux ELF binary on every npm install. The binary ...
Malicious code in weavedb-sdk-base (npm)
Source: amazon-inspector 40b4b0c5f79c0370a77c3b559b70389ffee591aa22c76ca15c4077fe95b5078e package.json declares "preinstall": "./bin/install-deps", pointing at a 976 KB packed Linux x86-64 ELF binary shipped in the tarball sha256...
OpenClaw has an unspecified vulnerability (CNVD-2026-17487)
OpenClaw is an open-source artificial intelligence assistant from OpenClaw. OpenClaw has a security vulnerability that an attacker can exploit to execute native code after an operator approves misleading command text...
OpenClaw security vulnerability
OpenClaw is an open-source artificial intelligence assistant from OpenClaw. OpenClaw has a security vulnerability that an attacker can exploit to execute native code after an operator approves misleading command text...
Exploit for Integer Overflow or Wraparound in Apple Ipados
Coruna: Full-Chain Safari/WebKit Exploit Kit Research & Ana...
CVE-2025-40541
An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U which, when exploited, gives a malicious actor the ability to execute native code as a privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because...
CVE-2025-40539
A type confusion vulnerability exists in Serv-U which, when exploited, gives a malicious actor the ability to execute arbitrary native code as a privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services...
EUVD-2025-207543
An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U which, when exploited, gives a malicious actor the ability to execute native code as a privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because...
Gogs security vulnerability
Gogs (Go Git Service) is a self-service Git hosting service written in Go by the Gogs team. It supports creating and migrating public and private repositories, adding and removing repository collaborators, and so on. A security vulnerability exists in Gogs, which stems from the mishandlin...
Intel CIP code issue vulnerability
Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an elevation of privilege vulnerability that stems from an uncontrolled search path, which can be exploited by an attacker to cause elevation of...
Intel System Support Utility for Windows code issue vulnerability
Intel System Support Utility for Windows is a Windows platform-based system support utility from Intel Corporation USA. The program is mainly used to identify the hardware model, operating system version, and software installed on the computer. A code issue vulnerability exists in Intel System...
Intel Processor Identification Utility security vulnerability
Intel Processor Identification Utility is a processor identification utility from Intel Corporation USA. The program supports the display of graphics information, chipset information, processor supported technologies, and other information. A security vulnerability exists in Intel Processor...
N-able N-central security vulnerability
N-able N-central is an RMM platform from N-able Canada Inc. that provides large-scale management, automation and orchestration capabilities for sophisticated MSPs and IT professionals. A security vulnerability exists in N-able N-central versions prior to 2025.3.1 that stems from the fact that...
Helm code injection vulnerability
Helm is a Kubernetes package manager from the CNCF Foundation. A code injection vulnerability exists in Helm versions prior to 3.18.4 that stems from specially crafted Chart.yaml and Chart.lock files that could lead to native code execution...
Mozilla Firefox security vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox versions prior to 139, Firefox ESR versions prior to 115.24, and Firefox ESR versions prior to 128.11, which stems from insufficient escaping of line...
Mozilla Firefox security vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox versions prior to 139 and Firefox ESR versions prior to 128.11, which stems from insufficient escaping of the & symbol in the Copy as cURL feature,...
Mozilla Firefox security vulnerability
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in versions of Mozilla Firefox prior to 138, which stems from insufficient escaping of special characters by the Copy as cURL feature, which could lead to native code...
Mozilla Firefox ESR security vulnerability
Mozilla Firefox ESR is an extended support release of the Firefox web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox ESR versions prior to 128.10 and prior to 115.23, which stems from insufficient escaping of special characters by the copy...