Lucene search
K

7 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 10:4 p.m.8 views

Malicious code in react-qr-image (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0000767e8d42376cf8a198fa59803da5acb13d0317314fcb57902d5d373f035 The package react-qr-image was found to contain malicious code. Source: ghsa-malware 72459a160e75d16a5a10d9805d6c558aabb61428411359b97050ebf70be1270f...

6.9AI score
Exploits0References4
EUVD
EUVD
added 2025/11/24 10:4 p.m.6 views

EUVD-2025-199036

Malicious code in react-qr-image npm...

6.6AI score
Exploits0References4
OSV
OSV
added 2025/11/24 10:4 p.m.7 views

MAL-2025-191007 Malicious code in react-qr-image (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0000767e8d42376cf8a198fa59803da5acb13d0317314fcb57902d5d373f035 The package react-qr-image was found to contain malicious code. Source: ghsa-malware 72459a160e75d16a5a10d9805d6c558aabb61428411359b97050ebf70be1270f...

6.8AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/04 7:46 a.m.4 views

Malicious code in qr-image-generator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5d5c6e98a52bcdf829064fd8ff9c8b7507f033e8c912af7a333211aa917e1d16 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2024/09/04 7:46 a.m.7 views

MAL-2024-8798 Malicious code in qr-image-generator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5d5c6e98a52bcdf829064fd8ff9c8b7507f033e8c912af7a333211aa917e1d16 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
NVD
NVD
added 2024/07/04 1:15 p.m.17 views

CVE-2024-39165

QR/demoapp/qrimage.php in Asial JpGraph Professional through 4.2.6-pro allows remote attackers to execute arbitrary code via a PHP payload in the data parameter in conjunction with a .php file name in the filename parameter. This occurs because an unnecessary QR/demoapp folder.is shipped with the...

9.8CVSS0.00806EPSS
Exploits0References2
CVE
CVE
added 2024/07/04 12:0 a.m.58 views

CVE-2024-39165

Summary: CVE-2024-39165 affects Asial JpGraph Professional up to version 4.2.6-pro. The vulnerability arises from the presence of an unnecessary QR/demoapp folder, enabling a remote attacker to execute arbitrary PHP code via a payload placed in the data parameter and a .php filename in the filena...

9.8CVSS8AI score0.00806EPSS
Exploits0References2
Rows per page
Query Builder