Lucene search
K

22 matches found

Snyk
Snyk
added 2026/03/20 4:49 a.m.2 views

Malicious Package

Overview novi-cli is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/20 4:49 a.m.9 views

Malicious code in novi-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f8efd6fadd98f176db87625b5ab11bb8c301425b5cac56b3a6e06cea11480e5 The package novi-cli was found to contain malicious code. Source: ghsa-malware 6869c6ff2172bab7034855a5b3343c548e54f977036706052a989d381b471ce5 Any...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/03/20 4:49 a.m.3 views

MAL-2026-1961 Malicious code in novi-cli (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f8efd6fadd98f176db87625b5ab11bb8c301425b5cac56b3a6e06cea11480e5 The package novi-cli was found to contain malicious code. Source: ghsa-malware 6869c6ff2172bab7034855a5b3343c548e54f977036706052a989d381b471ce5 Any...

5.7AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:39 p.m.9 views

CVE-2023-29492

Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data...

9.8CVSS7.7AI score0.0269EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/04/25 12:0 a.m.5 views

The vulnerability of Novi Survey’s software for conducting surveys lies in its ability to restore unreliable data in memory, allowing a perpetrator to execute arbitrary code.

The vulnerability of Novi Survey’s software for conducting surveys is related to the restoration of unreliable data in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.4AI score0.0269EPSS
Exploits0References4Affected Software1
The Hacker News
The Hacker News
added 2023/04/14 7:15 a.m.3 views

Severe Android and Novi Survey Vulnerabilities Under Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added two vulnerabilities to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The two flaws are listed below - CVE-2023-20963 CVSS score: 7.8 - Android Framework Privilege Escalation...

9.8CVSS7.4AI score0.0269EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/04/14 7:15 a.m.65 views

Severe Android and Novi Survey Vulnerabilities Under Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added two vulnerabilities to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The two flaws are listed below - CVE-2023-20963 CVSS score: 7.8 - Android Framework Privilege Escalation...

9.8CVSS8.4AI score0.0269EPSS
Exploits0
CISA
CISA
added 2023/04/13 12:0 p.m.4 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-20963 Android Framework Privilege Escalation Vulnerability CVE-2023-29492 Novi Survey Insecure Deserialization Vulnerability These types of vulnerabilities are...

9.8CVSS8.3AI score0.0269EPSS
In wildExploits0References7
VulnCheck KEV
VulnCheck KEV
added 2023/04/13 12:0 a.m.5 views

VulnCheck KEV: CVE-2023-29492

Novi Survey contains an insecure deserialization vulnerability that allows remote attackers to execute code on the server in the context of the service account...

9.8CVSS7.7AI score0.0269EPSS
Exploits0References1
CISA KEV Catalog
CISA KEV Catalog
added 2023/04/13 12:0 a.m.18 views

Novi Survey Insecure Deserialization Vulnerability

Novi Survey contains an insecure deserialization vulnerability that allows remote attackers to execute code on the server in the context of the service account...

9.8CVSS8.8AI score0.0269EPSS
In wildExploits0
NVD
NVD
added 2023/04/11 5:15 a.m.23 views

CVE-2023-29492

Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data...

9.8CVSS9.8AI score0.0269EPSS
Exploits0References2
OSV
OSV
added 2023/04/11 5:15 a.m.4 views

CVE-2023-29492

Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data...

9.8CVSS6.2AI score0.0269EPSS
Exploits0References2
Prion
Prion
added 2023/04/11 5:15 a.m.16 views

Code injection

Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data...

7.5CVSS9.7AI score0.0269EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/04/11 12:0 a.m.22 views

CVE-2023-29492

Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

9.8CVSS9.6AI score0.0269EPSS
In wildExploits0References2
CNNVD
CNNVD
added 2023/04/11 12:0 a.m.4 views

Novi Survey 代码注入漏洞

Novi Survey is an advanced survey software for online surveys, web surveys and email surveys from Novi Survey. A security vulnerability exists in versions prior to Novi Survey 8.9.43676, which can be exploited by attackers to execute arbitrary code on the server in the context of a service accoun...

9.8CVSS9.2AI score0.0269EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/04/11 12:0 a.m.26 views

CVE-2023-29492

Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data...

9.9AI score0.0269EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/04/11 12:0 a.m.16 views

CVE-2023-29492

Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data...

7.7AI score0.0269EPSS
Exploits0References1
CVE
CVE
added 2023/04/11 12:0 a.m.639 views

CVE-2023-29492

Summary (CVE-2023-29492) NoviSurvey before version 8.9.43676 is affected by an insecure deserialization vulnerability. The flaw allows remote attackers to execute arbitrary code on the server in the context of the service account, without accessing stored survey or response data. Concrete details...

9.8CVSS9AI score0.0269EPSS
In wildExploits0References2Affected Software1
OSV
OSV
added 2020/08/17 4:15 p.m.4 views

CVE-2020-13122

The novish command-line interface, included in NoviFlow NoviWare before NW500.2.12 and deployed on NoviSwitch devices, is vulnerable to command injection in the "show status destination ipaddr" command. This could be used by a read-only user monitoring group or admin to execute commands on the...

8.8CVSS7.4AI score
Exploits0References1
HackRead
HackRead
added 2019/03/05 4:44 p.m.64 views

PlayStation serial number leads Feds to bust a massive drug ring

By Waqas This could easily be termed one of the largest Fentanyl related busts in the US but this time thanks to PlayStation serial number. The federal agents captured a large heroin ring in Novi, Michigan after raiding a condominium and discovering Fentanyl in large quantity. The quantity was so...

0.9AI score
Exploits0
Rows per page
Query Builder