78 matches found
Remote code execution in vscode-npm-script
Visual Studio Code npm-script Extension Remote Code Execution Vulnerability...
GHSA-R84V-QFF8-JV5G Remote code execution in vscode-npm-script
Visual Studio Code npm-script Extension Remote Code Execution Vulnerability...
Malicious Package
Overview vscode-npm-script is a malicious package. It uses a preinstall script to steal environment variables. Remediation Avoid using all malicious instances of the vscode-npm-script package. Credit: Snyk Research...
CVE-2021-26700
Visual Studio Code npm-script Extension Remote Code Execution Vulnerability...
CVE-2021-26700
Visual Studio Code npm-script Extension Remote Code Execution Vulnerability...
Remote code execution
Visual Studio Code npm-script Extension Remote Code Execution Vulnerability...
CVE-2021-26700 Visual Studio Code npm-script Extension Remote Code Execution Vulnerability
...
PT-2021-17098 · Microsoft · Visual Studio Code Npm-Script Extension
Name of the Vulnerable Software and Affected Versions: Visual Studio Code npm-script Extension affected versions not specified Description: The issue concerns a remote code execution vulnerability in the Visual Studio Code npm-script Extension. There is no information provided about the estimated...
Security Update for Microsoft Visual Studio Code npm-script Extension (Feb 2021)
A remote code execution vulnerability exists in Visual Studio Code when the npm-script extension loads. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. Note that Nessus has not tested for this issue but has instead relied only ...
Visual Studio Code npm-script Extension Remote Code Execution Vulnerability
...
Microsoft Visual Studio Code npm-script plugin security vulnerability
Microsoft Visual Studio Code is an open source code editor from Microsoft. A security vulnerability exists in the npm-script plugin for Microsoft Visual Studio Code. The following products and versions are affected: Visual Studio Code - npm-script Extension...
KLA12073 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in .NET Core can be...
GHSA-322M-P39J-R5M2 npm-script-demo is malware
The npm-script-demo package is a piece of malware that opens a connection to a command and control server and executed the instructions it is given. It has been removed from the npm registry. Recommendation Any computer that has this package installed or running should be considered fully...
Unspecified vulnerability in npm-script-demo
npm-script-demo is a package. A security vulnerability exists in npm-script-demo. No details of the vulnerability are provided at this time...
Malicious JavaScript Package Detection
Detection and reporting of known malicious JavaScript packages or package versions. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...
Design/Logic Flaw
The module npm-script-demo opened a connection to a command and control server. It has been removed from the npm registry...
CVE-2017-16128
The module npm-script-demo opened a connection to a command and control server. It has been removed from the npm registry...
System Compromise
npm-script-demo compromises the system. It is possible because the module can create an unauthorized connection to a command and control server when it is installed...