Lucene search
K

40 matches found

Chainguard
Chainguard
added 2026/06/23 8:17 a.m.5 views

GHSA-5PRR-V3J2-97MH vulnerabilities

Vulnerabilities for packages: ruby3.4-rails, kube-logging-operator, pact-broker-docker, logstash, ruby3.3-rails, ruby3.2-rails, logstash-fips, ruby4.0-rails, pact-broker-docker-fips...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.8 views

GHSA-8678-W3JW-XFC2 vulnerabilities

Vulnerabilities for packages: ruby3.4-rails, kube-logging-operator, pact-broker-docker, logstash, ruby3.3-rails, ruby3.2-rails, logstash-fips, ruby4.0-rails, pact-broker-docker-fips...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.4 views

GHSA-P67V-3W7G-WJG7 vulnerabilities

Vulnerabilities for packages: ruby3.4-rails, kube-logging-operator, pact-broker-docker, logstash, ruby3.3-rails, ruby3.2-rails, logstash-fips, ruby4.0-rails, pact-broker-docker-fips...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.7 views

GHSA-WFPW-MMFH-QQ69 vulnerabilities

Vulnerabilities for packages: ruby3.4-rails, kube-logging-operator, pact-broker-docker, logstash, ruby3.3-rails, ruby3.2-rails, logstash-fips, ruby4.0-rails, pact-broker-docker-fips...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.7 views

GHSA-WJV4-X9W8-WM3H vulnerabilities

Vulnerabilities for packages: ruby3.4-rails, kube-logging-operator, pact-broker-docker, logstash, ruby3.3-rails, ruby3.2-rails, logstash-fips, ruby4.0-rails, pact-broker-docker-fips...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.6 views

GHSA-PHWJ-RPRQ-35PP vulnerabilities

Vulnerabilities for packages: ruby3.4-rails, kube-logging-operator, pact-broker-docker, logstash, ruby3.3-rails, ruby3.2-rails, logstash-fips, ruby4.0-rails, pact-broker-docker-fips...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.5 views

GHSA-9CV2-CFXC-V4V2 vulnerabilities

Vulnerabilities for packages: ruby3.4-rails, kube-logging-operator, pact-broker-docker, logstash, ruby3.3-rails, ruby3.2-rails, logstash-fips, ruby4.0-rails, pact-broker-docker-fips...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/06/23 8:17 a.m.7 views

GHSA-5V8H-3H3Q-446P vulnerabilities

Vulnerabilities for packages: ruby3.4-rails, kube-logging-operator, pact-broker-docker, logstash, ruby3.3-rails, ruby3.2-rails, logstash-fips, ruby4.0-rails, pact-broker-docker-fips...

5.9AI score
Exploits0
OSV
OSV
added 2026/06/05 12:53 a.m.12 views

MAL-2026-5226 Malicious code in autotel-pact (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4037ca9204d792112d198342524b35664de796ff675a0dbbee14a33874b30d57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 12:53 a.m.15 views

Malicious code in autotel-pact (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4037ca9204d792112d198342524b35664de796ff675a0dbbee14a33874b30d57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References3
Snyk
Snyk
added 2026/06/02 9:0 p.m.9 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code containing a malicious binding.gyp file that drops and runs a self-propagating cloud secret stealer. The malicious code attempts to exfiltrate AWS, GCP, Azure, Vault, and Kubernetes credentials, as well as npm an...

9.8CVSS5.6AI score
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/05/28 3:34 p.m.6 views

au.com.dius.pact.consumer:groovy (=4.7.0-beta.1), au.com.dius.pact.consumer:junit (=4.7.0-beta.1) +1556 more potentially affected by CVE-2025-48734 via commons-beanutils:commons-beanutils (>=1.0 <=1.10.1)

commons-beanutils:commons-beanutils MAVEN version =1.0, =1.10.1 is affected by a known vulnerability. The following packages have a transitive dependency on commons-beanutils:commons-beanutils and may be impacted: - au.com.dius.pact.consumer:groovy =4.7.0-beta.1 - au.com.dius.pact.consumer:junit...

8.8CVSS6.4AI score0.01495EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/05/28 3:34 p.m.6 views

au.com.dius.pact.consumer:groovy (=4.7.0-beta.1), au.com.dius.pact.consumer:junit (=4.7.0-beta.1) +1556 more potentially affected by CVE-2025-48734 via commons-beanutils:commons-beanutils (>=1.0 <=1.10.1)

commons-beanutils:commons-beanutils MAVEN version =1.0, =1.10.1 is affected by a known vulnerability. The following packages have a transitive dependency on commons-beanutils:commons-beanutils and may be impacted: - au.com.dius.pact.consumer:groovy =4.7.0-beta.1 - au.com.dius.pact.consumer:junit...

8.8CVSS6.4AI score0.01495EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/04/24 12:31 p.m.10 views

ai.intelliswarm:swarmai-core (>=1.0.24 <=1.0.28), ai.intelliswarm:swarmai-distributed (>=1.0.24 <=1.0.28) +2736 more potentially affected by CVE-2025-27820 via org.apache.httpcomponents.client5:httpclient5 (>=5.4-alpha1 <=5.4.2)

org.apache.httpcomponents.client5:httpclient5 MAVEN version =5.4-alpha1, =1.0.24, =1.0.24, =1.0.24, =1.0.24, =1.0.24, =1.0.27, =1.0.24, =1.0.24, =0.0.1, =0.0.1, =0.0.4, =0.0.4, =0.0.26, =0.0.1, =0.0.2 and more Source cves: CVE-2025-27820 Source advisory: OSV:GHSA-73M2-QFQ3-56CX...

7.5CVSS6.8AI score0.00745EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2025/04/14 7:23 a.m.15 views

A week in security (April 7 &#8211; April 13)

Last week on Malwarebytes Labs: The Pall Mall Pact and why it matters Child predators are lurking on dating apps, warns report Your 23andMe genetic data could be bought by China, senator warns WhatsApp for Windows vulnerable to attacks. Update now! Man accused of using keylogger to spy on...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/04/11 3:31 p.m.18 views

The Pall Mall Pact and why it matters

The US State Department reportedly plans to sign an international agreement designed to govern the use of commercial spyware known as the Pall Mall Pact. The Pall Mall Pact, formally known as the Pall Mall Process, was initiated by France and the United Kingdom in February 2024. The goal of the...

7.2AI score
Exploits0
vulnersOsv
vulnersOsv
added 2024/10/18 6:30 a.m.8 views

ai.optfor:spring-openai-api (>=0.1.3 <=0.3.25), ai.timefold.solver:timefold-solver-spring-boot-autoconfigure (>=1.0.0 <=1.4.0) +7541 more potentially affected by CVE-2024-38820 via org.springframework:spring-context (>=6.0.0 <=6.0.23)

org.springframework:spring-context MAVEN version =6.0.0, =0.1.3, =1.0.0, =1.0.0, =0.1.6, =0.0.2, =0.0.6, =0.0.6, =1.3.0, =4.6.18, =4.0.0, =1.0.0, =2.1.0.RELEASE, =2.1.2.RELEASE and more Source cves: CVE-2024-38820 Source advisory: OSV:GHSA-4GC7-5J7H-4QPH...

5.3CVSS6.6AI score0.00631EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2024/10/04 6:30 a.m.7 views

ar.com.jmfsg:api-doc (>=0.0.20 <=0.0.34), au.com.dius.pact:au.com.dius.pact.gradle.plugin (>=2.1.1 <=2.1.12) +2259 more potentially affected by CVE-2024-47855 via net.sf.json-lib:json-lib (>=0.7.1 <=2.4)

net.sf.json-lib:json-lib MAVEN version =0.7.1, =0.0.20, =2.1.1, =2.4.2, =2.4.2, =3.5.4-rc.1, =2.4.2, =2.4.2, =3.5.4-rc.1, =2.4.2, =2.4.2, =3.5.4-rc.1, =2.4.2, =2.4.2, =3.5.4-rc.1, =2.4.2, =2.4.20 and more Source cves: CVE-2024-47855 Source advisory: OSV:GHSA-WWCP-26WC-3FXM...

5.3CVSS5.8AI score0.15413EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/06/21 6:31 a.m.6 views

androidx.room:room-compiler-processing-testing (>=2.3.0 <=2.4.0-alpha04), au.com.dius.pact.provider:gradle (>=4.1.21 <=4.3.0-beta.6) +2879 more potentially affected by CVE-2021-47621 via io.github.classgraph:classgraph (>=4.0.3 <=4.8.110)

io.github.classgraph:classgraph MAVEN version =4.0.3, =2.3.0, =4.1.21, =4.1.21, =4.1.21, =4.1.21, =4.1.21, =4.1.21, =4.1.21, =4.1.21, =4.1.21, =4.1.21, =4.1.21, =1.2.5.RELEASE, =1.2.5.RELEASE, =1.3.5.RELEASE, =1.3.7.RELEASE and more Source cves: CVE-2021-47621 Source advisory:...

7.5CVSS6.7AI score0.00556EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/07/31 12:0 a.m.8 views

Fedora: Security Advisory for golang-github-pact-foundation (FEDORA-2022-37aef44d1e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Rows per page
Query Builder