22 matches found
Malicious Package
Overview novi-cli is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Malicious code in novi-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f8efd6fadd98f176db87625b5ab11bb8c301425b5cac56b3a6e06cea11480e5 The package novi-cli was found to contain malicious code. Source: ghsa-malware 6869c6ff2172bab7034855a5b3343c548e54f977036706052a989d381b471ce5 Any...
MAL-2026-1961 Malicious code in novi-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f8efd6fadd98f176db87625b5ab11bb8c301425b5cac56b3a6e06cea11480e5 The package novi-cli was found to contain malicious code. Source: ghsa-malware 6869c6ff2172bab7034855a5b3343c548e54f977036706052a989d381b471ce5 Any...
CVE-2023-29492
Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data...
The vulnerability of Novi Survey’s software for conducting surveys lies in its ability to restore unreliable data in memory, allowing a perpetrator to execute arbitrary code.
The vulnerability of Novi Survey’s software for conducting surveys is related to the restoration of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
Severe Android and Novi Survey Vulnerabilities Under Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency CISA has added two vulnerabilities to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The two flaws are listed below - CVE-2023-20963 CVSS score: 7.8 - Android Framework Privilege Escalation...
Severe Android and Novi Survey Vulnerabilities Under Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency CISA has added two vulnerabilities to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The two flaws are listed below - CVE-2023-20963 CVSS score: 7.8 - Android Framework Privilege Escalation...
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-20963 Android Framework Privilege Escalation Vulnerability CVE-2023-29492 Novi Survey Insecure Deserialization Vulnerability These types of vulnerabilities are...
VulnCheck KEV: CVE-2023-29492
Novi Survey contains an insecure deserialization vulnerability that allows remote attackers to execute code on the server in the context of the service account...
Novi Survey Insecure Deserialization Vulnerability
Novi Survey contains an insecure deserialization vulnerability that allows remote attackers to execute code on the server in the context of the service account...
CVE-2023-29492
Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data...
CVE-2023-29492
Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data...
Code injection
Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data...
CVE-2023-29492
Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
Novi Survey 代码注入漏洞
Novi Survey is an advanced survey software for online surveys, web surveys and email surveys from Novi Survey. A security vulnerability exists in versions prior to Novi Survey 8.9.43676, which can be exploited by attackers to execute arbitrary code on the server in the context of a service accoun...
CVE-2023-29492
Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data...
CVE-2023-29492
Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data...
CVE-2023-29492
Summary (CVE-2023-29492) NoviSurvey before version 8.9.43676 is affected by an insecure deserialization vulnerability. The flaw allows remote attackers to execute arbitrary code on the server in the context of the service account, without accessing stored survey or response data. Concrete details...
CVE-2020-13122
The novish command-line interface, included in NoviFlow NoviWare before NW500.2.12 and deployed on NoviSwitch devices, is vulnerable to command injection in the "show status destination ipaddr" command. This could be used by a read-only user monitoring group or admin to execute commands on the...
PlayStation serial number leads Feds to bust a massive drug ring
By Waqas This could easily be termed one of the largest Fentanyl related busts in the US but this time thanks to PlayStation serial number. The federal agents captured a large heroin ring in Novi, Michigan after raiding a condominium and discovering Fentanyl in large quantity. The quantity was so...