CVE-2026-47900

Logseq is vulnerable to a stored cross-site scripting XSS. A malicious plugin can include a JavaScript payload in the "name" field of its "package.json" file, which is rendered using "innerHTML" without proper sanitization, allowing the execution of arbitrary code in the privileged host context...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

EUVD-2025-121801

Malicious code in spectron-regulus-superagent-rollup-plugin npm...

MAL-2025-25578 Malicious code in loom-plugin-package-build (npm)

The package loom-plugin-package-build was found to contain malicious code...

Malicious code in ts-plugin-file-path-support (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a29c99a3decf55fe58b9d10ce858b903ae55f7d999f98549a8416b4c12352e65 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-45401 stripe-cli Path Traversal vulnerability

stripe-cli is a command-line tool for the payment processor Stripe. A vulnerability exists in stripe-cli starting in version 1.11.1 and prior to version 1.21.3 where a plugin package containing a manifest with a malformed plugin shortname installed using the --archive-url or --archive-path flags...

SUSE: Security Advisory (SUSE-SU-2020:0969-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated flash-player-plugin packages fix security vulnerability

Updated flash-player-plugin package fixes a security vulnerability: A use after free that leads to arbitrary code execution. CVE-2019-7845...

RHEL 4 : redhat-release (EOL Notice) (RHSA-2011:0259)

The flash-plugin package on Red Hat Enterprise Linux 4 contains multiple security flaws and should no longer be used. This is the 1-month notification of Red Hat's plans to disable Adobe Flash Player 9 on Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as havi...

RedHat Security Advisory RHSA-2009:1188

The remote host is missing updates announced in advisory RHSA-2009:1188. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. Multiple security flaws were found in the way Flash Player displayed certain SWF content. An attacker could use these fla...

Critical: Red Hat Security Advisory: flash-plugin security update

An updated Adobe Flash Player package that fixes a security issue is now available for Red Hat Enterprise Linux 3 Extras, 4 Extras, and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. The flash-plugin package contains a...