CVE-2023-45311

fsevents before 1.2.11 depends on the https://fsevents-binaries.s3-us-west-2.amazonaws.com URL, which might allow an adversary to execute arbitrary code if any JavaScript project that depends on fsevents distributes code that was obtained from that URL at a time when it was controlled by an...

PHP-ECOMMERCE-PROJECT 安全漏洞

PHP-ECOMMERCE-PROJECT is an e-commerce website by the individual developer MD RAHATUL RABBI. A security vulnerability exists in PHP-ECOMMERCE-PROJECT v1.0 and earlier versions, which originates from a reflected cross-site scripting in the id parameter of the /ecommerce/products.php component, whi...

EUVD-2017-6655

Malware in sbrugna...

EUVD-2019-3302

Malware in sbrugna...

EUVD-2019-9534

Malware in sbrugna...

EUVD-2025-1932

Malicious code in bioql PyPI...

EUVD-2024-32542

Malicious code in bioql PyPI...

EUVD-2025-8416

Malicious code in bioql PyPI...

EUVD-2025-11095

Malicious code in bioql PyPI...

EUVD-2024-53106

Malicious code in bioql PyPI...

Malicious code in vortex-dragon-qps375-project (npm)

The package vortex-dragon-qps375-project was found to contain malicious code...

MAL-2025-32717 Malicious code in saturn-quasar-uss495-project (npm)

The package saturn-quasar-uss495-project was found to contain malicious code...

MAL-2025-40052 Malicious code in xylophone-myth-wbx282-project (npm)

The package xylophone-myth-wbx282-project was found to contain malicious code...

Malicious code in everest-delta-sco019-project (npm)

The package everest-delta-sco019-project was found to contain malicious code...

Malicious code in lilypad-butterfly-qzq971-project (npm)

The package lilypad-butterfly-qzq971-project was found to contain malicious code...

Malicious code in zeppelin-nymph-wpa677-project (npm)

The package zeppelin-nymph-wpa677-project was found to contain malicious code...

Malicious code in lilypad-hammock-cnr879-project (npm)

The package lilypad-hammock-cnr879-project was found to contain malicious code...

CVE-2025-50486

Improper session invalidation in the component /carrental/update-password.php of PHPGurukul Car Rental Project v3.0 allows attackers to execute a session hijacking attack...

PT-2025-26760 · Sentry · Sentry

Name of the Vulnerable Software and Affected Versions: Sentry versions 25.1.0 through 25.5.1 Description: The issue allows an authenticated attacker to access a project's issue endpoint and perform unauthorized actions, such as adding a comment, without being a member of the project's team. This...

CVE-2016-20003

The REST/JSON project 7.x-1.x for Drupal allows user enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy...