33 matches found
Malicious code in frank-newton3-final-audit (npm)
Source: amazon-inspector 7475946d315dcfc995a7c806043777be1e5a57b72c7c1313fc36944f37a52db1 The package frank-newton3-final-audit was found to contain malicious code. Source: ghsa-malware...
CVE-2019-12365
The Newton application through 10.0.23 for Android allows XSS via an event attribute and arbitrary file loading via a src attribute, if the application has the READ_EXTERNAL_STORAGE permission...
EUVD-2022-3123
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2017-12440
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Aodh as packaged in Openstack Ocata and Newton before change-ID I8fd11a7f9fe3c0ea5f9843a89686ac06713b7851 and before Pike-rc1 does not verify that trust IDs...
MAL-2025-27389 Malicious code in newton-logger (npm)
The package newton-logger was found to contain malicious code...
Malicious code in newton-logger (npm)
The package newton-logger was found to contain malicious code...
USN-7427-1 dotnet8, dotnet9 vulnerability
James Newton-King discovered that .NET did not properly limit resource allocation when handling certain HTTP/3 requests. An attacker could possibly use this issue to cause a denial of service...
newtoncountytimes.com Cross Site Scripting vulnerability OBB-3929524
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
newtoninstitute.org Cross Site Scripting vulnerability OBB-3672924
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
SUSE CVE-2017-12440
Aodh as packaged in Openstack Ocata and Newton before change-ID I8fd11a7f9fe3c0ea5f9843a89686ac06713b7851 and before Pike-rc1 does not verify that trust IDs belong to the user when creating alarm action with the scheme trust+http, which allows remote authenticated users with knowledge of trust ID...
newton.com.tw Cross Site Scripting vulnerability OBB-3070882
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
logoped-newton.ru Cross Site Scripting vulnerability OBB-2769658
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
newtoninstitute.org Cross Site Scripting vulnerability OBB-2669715
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
OpenStack Glance Server-Side Request Forgery (SSRF)
An SSRF issue was discovered in OpenStack Glance before Newton. The 'copyfrom' feature in the Image Service API v1 allowed an attacker to perform masked network port scans. With v1, it is possible to create images with a URL such as 'http://localhost:22'. This could then allow an attacker to...
GHSA-53WM-97P6-582F instack-undercloud vulnerable to symlink attack on tmp files
A flaw was found in instack-undercloud 7.2.0 as packaged in Red Hat OpenStack Platform Pike, 6.1.0 as packaged in Red Hat OpenStack Platform Ocata, 5.3.0 as packaged in Red Hat OpenStack Newton, where pre-install and security policy scripts used insecure temporary files. A local user could exploi...
Newshield NDF7000 Series suffers from weak password vulnerability
Shanghai Newshield Technology Co., Ltd. (hereinafter referred to as "Newshield Technology") was founded in 2009 in Shanghai and is a professional security company with "network security" as its main axis and...
Command Execution Vulnerability in Reporter System of Shanghai Newshield Technology Co., Ltd.
Shanghai Newshield Technology Co., Ltd. is a professional security company with "network security" as its main axis and "make the network more secure" as its mission, providing customers with network security solutions. Its Reporter system has a command execution vulnerability; attackers can use the vulnerability to execute...
Weak Password Vulnerability in Reporter System of Shanghai Newton Technology Co., Ltd.
Shanghai Newton Technology Co., Ltd. is a professional security company with "network security" as its main axis and "making the network safer" as its mission, providing customers with total network security solutions. Its Reporter system has a weak password vulnerability, which can be used by attackers to log into the system...
newton-michel.org Cross Site Scripting vulnerability OBB-1464806
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
CVE-2019-12365
The Newton application through 10.0.23 for Android allows XSS via an event attribute and arbitrary file loading via a src attribute, if the application has the READ_EXTERNAL_STORAGE permission...