Lucene search
K

8 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/25 5:23 p.m.16 views

Malicious code in @beyondbday/vibe-terminal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9859c1af428f41ba7f7eb2a1db744705f5644ff2422629d94e3de1ecb59c9405 On every launch of the vibe CLI, dist/vibe.js queries the npm registry for the latest version of @beyondbday/vibe-terminal and, if newer than the...

5.8AI score
Exploits0References4
CVE
CVE
added 2026/01/05 9:41 p.m.37 views

CVE-2025-67732

Dify (open-source LLM app platform) prior to v1.11.0 exposes API keys in plaintext to the frontend, allowing non-administrator users to view and reuse them. This can enable unauthorized access to third‑party services and potential quota abuse. A fix is available in v1.11.0 or later.

8.4CVSS6.3AI score0.00305EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 6:47 p.m.9 views

CVE-2021-41390

In Ericsson ECM before 18.0, it was observed that Security Provider Endpoint in the User Profile Management Section is vulnerable to CSV Injection...

8CVSS6.8AI score0.0111EPSS
Exploits1
OSV
OSV
added 2021/09/17 9:15 p.m.3 views

CVE-2021-41390

In Ericsson ECM before 18.0, it was observed that Security Provider Endpoint in the User Profile Management Section is vulnerable to CSV Injection...

8CVSS7.3AI score0.0111EPSS
Exploits1References1
NVD
NVD
added 2021/09/17 9:15 p.m.25 views

CVE-2021-41390

In Ericsson ECM before 18.0, it was observed that Security Provider Endpoint in the User Profile Management Section is vulnerable to CSV Injection...

8CVSS0.0111EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2021/09/17 9:15 p.m.2 views

CVE-2021-41390

In Ericsson ECM before 18.0, it was observed that Security Provider Endpoint in the User Profile Management Section is vulnerable to CSV Injection...

8CVSS7.2AI score0.0111EPSS
Exploits1References2
Prion
Prion
added 2021/09/17 9:15 p.m.15 views

Input validation

In Ericsson ECM before 18.0, it was observed that Security Provider Endpoint in the User Profile Management Section is vulnerable to CSV Injection...

6CVSS7.7AI score0.0111EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/09/17 12:0 a.m.7 views

Ericsson ECM 注入漏洞

Ericsson Ecm is a cloud manager from Ericsson Sweden. A security vulnerability exists in Ericsson ECM versions prior to 18.0 that stems from the fact that in Ericsson ECM prior to 18.0, the security provider endpoint in the user profile management section is vulnerable to CSV injection...

8CVSS7.7AI score0.0111EPSS
Exploits1References2
Rows per page
Query Builder