267 matches found
Malicious code in malicious-pkg-demo (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in test-pkg-blabla (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 83b007683c452075ec2dfb23b7de20d38b8d28441ce63b4745fd114bba008a94 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Fedora: Security Advisory for rust-uu_tee (FEDORA-2024-40ee18b2e7)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-46565
A buffer overflow vulnerability has been detected in osrg gobgp. This flaw allows a remote attacker to initiate a denial of service attack. This vulnerability arises due to improper handling of errors within the handlingError function located in pkg/server/fsm.go...
Malicious code in scundev-pkg (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d6b38dd087840ac0c2e03a22124c4b5eead12b96f0cc99579a07a8164172c516 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-46565
Buffer Overflow vulnerability in osrg gobgp commit 419c50dfac578daa4d11256904d0dc182f1a9b22 allows a remote attacker to cause a denial of service via the handlingError function in pkg/server/fsm.go...
From PDFs to Payload: Bogus Adobe Acrobat Reader Installers Distribute Byakugan Malware
Bogus installers for Adobe Acrobat Reader are being used to distribute a new multi-functional malware dubbed Byakugan. The starting point of the attack is a PDF file written in Portuguese that, when opened, shows a blurred image and asks the victim to click on a link to download the Reader...
CVE-2024-24828
An incorrect default permissions vulnerability was found in pkg. This issue allows an attacker who has access to the /tmp/pkg/ on the local system to replace the genuine executables in the shared directory with malicious executables of the same name...
Hardcoded credentials
pkg is tool design to bundle Node.js projects into an executables. Any native code packages built by pkg are written to a hardcoded directory. On unix systems, this is /tmp/pkg/ which is a shared directory for all users on the same local system. There is no uniqueness to the package names within...
CVE-2024-24828 Local Privilege Escalation in execuatables bundled by pkg
pkg is tool design to bundle Node.js projects into an executables. Any native code packages built by pkg are written to a hardcoded directory. On unix systems, this is /tmp/pkg/ which is a shared directory for all users on the same local system. There is no uniqueness to the package names within...
CVE-2024-24828
CVE-2024-24828 describes a local privilege escalation in the Node.js tool pkg. The vulnerability arises because native-code packages built by pkg are written to a hardcoded, shared directory (/tmp/pkg/) on UNIX-like systems with non-unique, predictable names. An attacker with access to the same l...
pkg security vulnerability
npm pkg is a library from npm that packages Node.js projects into executables. A security vulnerability exists in pkg 5.8.1 and earlier, which stems from the fact that any native code package pkg built writes to a hardcoded directory, and can be exploited by an attacker to replace a genuine...
CVE-2023-47620 Scrypted reflected Cross-site Scripting vulnerability
Scrypted is a home video integration and automation platform. In versions 0.55.0 and prior, a reflected cross-site scripting vulnerability exists in the plugin-http.ts file via the owner' and 'pkg parameters. An attacker can run arbitrary JavaScript code...
PT-2023-30517 · Scrypted · Scrypted
Name of the Vulnerable Software and Affected Versions: Scrypted versions 0.55.0 and prior Description: A reflected cross-site scripting vulnerability exists in the plugin-http.ts file via the owner and pkg parameters, allowing an attacker to run arbitrary JavaScript code. This issue may lead to...
GHSA-CQVV-R3G3-26RF free5GC udm vulnerable to Invalid Curve Attack
pkg/suci/suci.go in free5GC udm before 1.2.0, when Go before 1.19 is used, allows an Invalid Curve Attack because it may compute a shared secret via an uncompressed public key that has not been validated. An attacker can send arbitrary SUCIs to the UDM, which tries to decrypt them via both its...
free5GC udm vulnerable to Invalid Curve Attack
pkg/suci/suci.go in free5GC udm before 1.2.0, when Go before 1.19 is used, allows an Invalid Curve Attack because it may compute a shared secret via an uncompressed public key that has not been validated. An attacker can send arbitrary SUCIs to the UDM, which tries to decrypt them via both its...
Privilege escalation
An XPC misconfiguration vulnerability in CoreCode MacUpdater before 2.3.8, and 3.x before 3.1.2, allows attackers to escalate privileges by crafting malicious .pkg files...
CVE-2023-41902
An XPC misconfiguration vulnerability in CoreCode MacUpdater before 2.3.8, and 3.x before 3.1.2, allows attackers to escalate privileges by crafting malicious .pkg files...
CVE-2023-41902
CVE-2023-41902 affects CoreCode MacUpdater prior to 2.3.8 and 3.x prior to 3.1.2. An XPC misconfiguration allows privilege escalation by processing crafted malicious .pkg files. Impacts include local attacker access to escalate privileges; no exploitation details are provided in the documents. Re...
Malicious code in betterbit-frame-pkg (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 53eac7cc9bba8053669c385b94e164e86f694e7bfe956ed4c6f89e4f45b43149 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...