44 matches found
EUVD-2025-114540
Malicious code in dependencies-hugo-phenomic-node-config npm...
EUVD-2025-113517
Malicious code in fork-publish-node-config-mini-css-extract-plugin npm...
EUVD-2025-122070
Malicious code in semantic-ui-morgan-node-config-iota npm...
EUVD-2013-3963
Malware in sbrugna...
EUVD-2024-54370
Malicious code in bioql PyPI...
EUVD-2024-54371
Malicious code in bioql PyPI...
EUVD-2025-2153
Malicious code in bioql PyPI...
EUVD-2023-47972
Malicious code in bioql PyPI...
Malicious code in regulus-pegasus-lacerta-node-config (npm)
The package regulus-pegasus-lacerta-node-config was found to contain malicious code...
CVE-2025-30165 Remote Code Execution Vulnerability in vLLM Multi-Node Cluster Configuration
vLLM is an inference and serving engine for large language models. In a multi-node vLLM deployment using the V0 engine, vLLM uses ZeroMQ for some multi-node communication purposes. The secondary vLLM hosts open a SUB ZeroMQ socket and connect to an XPUB socket on the primary vLLM host. When data ...
CVE-2024-58132
In chainmaker-go aka ChainMaker before 2.3.6, multiple updates to a single node's configuration can cause other normal nodes to perform concurrent read and write operations on a map, leading to a panic...
CVE-2024-58132
In chainmaker-go aka ChainMaker before 2.3.6, multiple updates to a single node's configuration can cause other normal nodes to perform concurrent read and write operations on a map, leading to a panic...
CVE-2025-20125 Cisco Identity Services Engine Insufficient Authorization Bypass Vulnerability
A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid read-only credentials to obtain sensitive information, change node configurations, and restart the node. This vulnerability is due to a lack of authorization in a specific API and improper validation o...
CVE-2024-34066
Pterodactyl wings is the server control plane for Pterodactyl Panel. If the Wings token is leaked either by viewing the node configuration or posting it accidentally somewhere, an attacker can use it to gain arbitrary file write and read access on the node the token is associated to. This issue h...
CVE-2024-34066 Arbitrary File Write/Read in Pterodactyl wings
Pterodactyl wings is the server control plane for Pterodactyl Panel. If the Wings token is leaked either by viewing the node configuration or posting it accidentally somewhere, an attacker can use it to gain arbitrary file write and read access on the node the token is associated to. This issue h...
CVE-2024-34066 Arbitrary File Write/Read in Pterodactyl wings
Pterodactyl wings is the server control plane for Pterodactyl Panel. If the Wings token is leaked either by viewing the node configuration or posting it accidentally somewhere, an attacker can use it to gain arbitrary file write and read access on the node the token is associated to. This issue h...
CVE-2024-34066 Arbitrary File Write/Read in Pterodactyl wings
Pterodactyl wings is the server control plane for Pterodactyl Panel. If the Wings token is leaked either by viewing the node configuration or posting it accidentally somewhere, an attacker can use it to gain arbitrary file write and read access on the node the token is associated to. This issue h...
Wings 安全漏洞
Wings is the server control interface for Pterodactyl Panel. A security vulnerability exists in Wings versions prior to 1.11.12, which stems from a Wings token that can be accidentally disclosed by viewing the node configuration, allowing an attacker to use it to gain write and read access to...
The authfile directive in the booth config file is ignored preventing use of authentication in communications from node to node. As a result nodes that do not have the correct authentication key are not prevented from communicating with other nodes in the cluster.
...
convict 安全漏洞
convict is a featured configuration management library for Node.js. A security vulnerability exists in convict, which stems from improperly controlled modifications to object prototype attributes...