Lucene search
K

7 matches found

Snyk
Snyk
added 2026/03/19 11:0 p.m.5 views

Embedded Malicious Code

Overview @emilgroup/partner-portal-sdk is an A new version of the package Affected versions of this package are vulnerable to Embedded Malicious Code. The publishing pipeline of this package was compromised as the result of Trivy's GitHub Actions compromise and a malicious versions were released ...

9.8CVSS5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/22 10:29 p.m.6 views

Malicious code in @vienna_cancer_center_portal/js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a76d15de3b0c984f8b9b8795e5bacb7604de14c2808edf0b4bd7f280c5d82db9 The package @viennacancercenterportal/js was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References1
Snyk
Snyk
added 2025/10/21 9:33 p.m.3 views

Cross-site Scripting (XSS)

Overview com.liferay.portal:com.liferay.portal.impl is a package part of Liferay. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the googlegadget process. An attacker can execute arbitrary JavaScript in the context of a user's browser by crafting a malicious...

7.2CVSS5.5AI score0.00224EPSS
Exploits0References2
Snyk
Snyk
added 2025/10/13 9:31 p.m.4 views

Authorization Bypass Through User-Controlled Key

Overview com.liferay.portal:com.liferay.portal.impl is a package part of Liferay. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the comliferayusersadminwebportletUsersAdminPortletaddUserIds parameter. An attacker can assign an organizatio...

5.3CVSS6.9AI score0.00243EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/19 9:30 p.m.1 views

Information Exposure

Overview com.liferay.portal:com.liferay.portal.impl is a package part of Liferay. Affected versions of this package are vulnerable to Information Exposure via the calendar implementation. An attacker can obtain access to other users' calendars and their names by sending crafted requests, which ma...

5.3CVSS6.9AI score0.00261EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:22 p.m.3 views

Malicious code in soho-portal (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7356090e46fa1891319a6c9ed7748c7533888fe401101bb152a9517f6a8a7283 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2019/10/24 4:9 p.m.15 views

Security Bulletin: IBM API Connect's Developer Portal(V5) is impacted by a a confidential information leak(CVE-2019-4600)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-4600 DESCRIPTION: IBM API Connect could reveal sensitive information to an attacker using a specially crafted HTTP request. CVSS Base Score: 5.3 CVSS Temporal Score: See for the current score...

5.3CVSS1.3AI score0.01427EPSS
Exploits0Affected Software1
Rows per page
Query Builder