EUVD-2022-30302

Malicious code in bioql PyPI...

CVE-2022-25642

Obyte formerly Byteball Wallet before 3.4.1 allows XSS. A crafted chat message can lead to remote code execution...

Malicious code in obyte-witness (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4a4debb3661ec42370ef86dee9ee2a1ab55e15aa1dcddd4504a5e88ce9d37eee Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in headless-obyte (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 23a746248cdd3fa9fc000729a31a09edc3476b4ad4cbdec19c121fb0ca07fb77 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-3583 Malicious code in headless-obyte (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 23a746248cdd3fa9fc000729a31a09edc3476b4ad4cbdec19c121fb0ca07fb77 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-5009 Malicious code in obyte-witness (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4a4debb3661ec42370ef86dee9ee2a1ab55e15aa1dcddd4504a5e88ce9d37eee Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview obyte-witness is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

Malicious Package

Overview headless-obyte is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package wa...

CVE-2022-25642

Obyte formerly Byteball Wallet before 3.4.1 allows XSS. A crafted chat message can lead to remote code execution...

CVE-2022-25642

Obyte formerly Byteball Wallet before 3.4.1 allows XSS. A crafted chat message can lead to remote code execution...

CVE-2022-25642

Obyte formerly Byteball Wallet before 3.4.1 allows XSS. A crafted chat message can lead to remote code execution...

Remote code execution

Obyte formerly Byteball Wallet before 3.4.1 allows XSS. A crafted chat message can lead to remote code execution...

CVE-2022-25642

Obyte formerly Byteball Wallet before 3.4.1 allows XSS. A crafted chat message can lead to remote code execution...

CVE-2022-25642

CVE-2022-25642 affects the Obyte (formerly Byteball) Wallet prior to 3.4.1. The vulnerability arises in the chat/message handling due to insufficient input filtering/escaping of user-submitted data, enabling cross-site scripting that can lead to remote code execution. Affected: Obyte Wallet

Obyte Wallet 跨站脚本漏洞

Obyte Wallet is a distributed ledger based on a directed acyclic graph Dag from the Obyte Foundation in the Principality of Liechtenstein. A cross-site scripting vulnerability exists in Obyte Wallet versions prior to 3.4.1, which stems from the software's lack of filtering and escaping of...