7660 matches found
Malicious code in reachelmet (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6febb836164d28bdfc2cc1049e46c4af578c671a9490d420ddc480d1989755e2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in pnpwebackplugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6888c2825f2df715081944685cfd223319a91bd15be079cda0eef3b196631e2a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in nurijfs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0dfb2522f45a92dce996099a6087a975357067c0c126aef2f79bafc837a1fb3a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in iswpdl (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d582209e9dcda5416d3ae37665139135be2ec862b9711e0bd2c5fc789f8c9c85 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ionvlite (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 158ab7ef30f4eb9120404003d28395a110428bf206893264128b1a24bc8a9f58 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in guljshint (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2631200c464ded493243d1cae6422ded696465305c19a3bb1ef0406cc5299b96 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in folior (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5401d3194a416c3f044e5bee61b67f0a09743efcfbb156f912fe758b54d46c00 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in componejtemittger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 342b8f3084ed50047c3ecb162876ab43bbe03d1c5a471c24aab4110e9570bd38 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in eactdropzone (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3c52fcdf5c30440a2242d7106364f32c481da277487f9cae0438d70f5c8b3d88 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in bsbelplugi9naddmodu8leexports (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 37c43c58177a64ac41df6b6880244446485b13c0f79737338a595ce0bbcdcddd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in amll (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7776332e118bee2ea3709d76f0d17765c43c203bf54e6d901a009a8712cf7a92 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in underscoer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e2f4d85189d50ff681d5261ce1e6cbbd5ee174ff70cad7b6cd47ccbf22e4b41c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in rchive-type (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 46bcff2ccf671339cf65674ae082d163bd033ef8b52b3c605c74834fb6d5f441 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview plutos is a malicious package. This is one of 12 malicious packages created by the same actor and discovered by Snyk. It downloads and executes malicious exe files containing malicious code that attempts to steal information from Google Chrome, tokens from Discord, and Injects a Discord...
Brave Software: Persistent user tracking is possible using window.caches, by avoiding Brave Shields
A vulnerability was discovered in Brave for iOS version 1.41.1 that allowed for persistent user tracking using window.caches, even when Brave Shields were enabled to block cookies. This could potentially allow for user tracking without their consent or knowledge...
Researchers Uncover UEFI Secure Boot Bypass in 3 Microsoft Signed Boot Loaders
A security feature bypass vulnerability has been uncovered in three signed third-party Unified Extensible Firmware Interface UEFI boot loaders that allow bypass of the UEFI Secure Boot feature. "These vulnerabilities can be exploited by mounting the EFI System Partition and replacing the existing...
CVE-2022-31148
Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting XSS vulnerability exists in the customer module. Users are recommend to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via th...
Cross site scripting
Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting XSS vulnerability exists in the customer module. Users are recommend to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via th...
CVE-2022-31148 Persistent cross site scripting in customer module in Shopware
Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting XSS vulnerability exists in the customer module. Users are recommend to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via th...
GHSA-5834-XV5Q-CGFW Shopware vulnerable to persistent cross site scripting (XSS) in customer module
Impact Persistent XSS in customer module Patches We recommend updating to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via the download overview. For older versions you can use the Security Plugin:...