7612 matches found
Malicious code in ethchained (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ec2d7a0486fc07b92c872693b5b7ff68caeb51129ed60fdeb32a6913811a91df Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
JetBrains YouTrack 日志信息泄露漏洞
JetBrains YouTrack is a project management tool developed by JetBrains that supports cloud hosting and local deployment. JetBrains YouTrack suffers from a log information disclosure vulnerability that stems from the fact that persistent tokens can be exposed in logs. An attacker can exploit this...
Malicious code in spark-ar-libs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2b006a03d3e32e686234cf99060872119413445632a4820ae7cee58e29c23841 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-41743
IBM TXSeries for Multiplatforms 10.1 could allow a remote attacker to cause a denial of service using persistent connections due to improper allocation of resources...
Important: Red Hat Security Advisory: VolSync 0.10.2 for RHEL 9
VolSync v0.10.2 general availability release images, which provide enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Important: Red Hat Security Advisory: VolSync 0.11.1 for RHEL 9
VolSync v0.11.1 general availability release images, which provide enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
Moderate: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.14.13 Bug Fix Update
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.14.13 on Red Hat Enterprise Linux 9 from Red Hat Container Registry. Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation...
Malicious code in juytjwfgtrhefregfef (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cfb95249bd02721a1d338dc567e4158eff44610fba37a99a76e65e0744d3dc6e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-13280
Insufficient Session Expiration vulnerability in Drupal Persistent Login allows Forceful Browsing.This issue affects Persistent Login: from 0.0.0 before 1.8.0, from 2.0. before 2.2.2...
CVE-2024-13280
Insufficient Session Expiration vulnerability in Drupal Persistent Login allows Forceful Browsing.This issue affects Persistent Login: from 0.0.0 before 1.8.0, from 2.0. before 2.2.2...
CVE-2024-13280 Persistent Login - Moderately critical - Access bypass - SA-CONTRIB-2024-044
Insufficient Session Expiration vulnerability in Drupal Persistent Login allows Forceful Browsing.This issue affects Persistent Login: from 0.0.0 before 1.8.0, from 2.0. before 2.2.2...
CVE-2024-13280
The CVE concerns the Drupal Persistent Login module and an insufficient session expiration vulnerability that allows forceful browsing (access bypass). Affected versions are 0.0.0–before 1.8.0 and 2.0.* before 2.2.2. The root cause, as described in linked advisories, is improper session/cookie ha...
CVE-2024-13280 Persistent Login - Moderately critical - Access bypass - SA-CONTRIB-2024-044
Insufficient Session Expiration vulnerability in Drupal Persistent Login allows Forceful Browsing.This issue affects Persistent Login: from 0.0.0 before 1.8.0, from 2.0. before 2.2.2...
Drupal 安全漏洞
Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal Persistent Login prior to version 1.8.0, versions 2.0. through 2.2.2, which stems from the inclusion of a session expiration insufficiency issue...
GHSA-95M2-CHM4-MQ7M PHP-Textile has persistent XSS vulnerability in image link handling
Details Persistent XSS vulnerability in image link handling of PHP-Textile versions 4.1.2 and older, when running the parser in restricted mode. In restricted mode it is expected that the input would be sanitized, allowing user-input such as user comments to be parsed and handled safely by the...
Malicious code in maplibre (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 812bdb7f3cb3a09a616e906c456e223c0069b42451a78c0df8d032054ec3f6a1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in my-app-name (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e3b688286528def3945fc6d678e314a2678fdddd35def920c64e4c311a29d416 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in supply-chain-planner (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e04d233f8a8aea9243490197311b90d7313bce41848541de6447f1c8538b4448 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in 32red-analytics (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9ed89d9090f04408f9fe5a5788a75ae961c0e656eafa0ea294b9974471655b3e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-50184
...