4880 matches found

OSSF Malicious Packages
added 2024/11/10 3:37 p.m., 3 views

Malicious code in aem-core-react-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 95d42e3a74bd354e1f4c9ce919082af4d0f85a5bbb6cbd5f32eab262ba83cd6c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits 0, References 1
OSV
added 2024/11/10 3:37 p.m., 5 views

MAL-2024-10549 Malicious code in aem-core-react-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 95d42e3a74bd354e1f4c9ce919082af4d0f85a5bbb6cbd5f32eab262ba83cd6c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2 AI score
Exploits 0, References 1
NVD
added 2024/11/08 11:15 p.m., 25 views

CVE-2024-52004

MediaCMS is an open source video and media CMS, written in Python/Django and React, featuring a REST API. MediaCMS has been prone to vulnerabilities that upon special cases can lead to remote code execution. All versions before v4.1.0 are susceptible, and users are highly recommended to...

8.7 CVSS, 0.06647 EPSS
Exploits 0, References 2
CVE
added 2024/11/08 10:10 p.m., 83 views

CVE-2024-52004

CVE-2024-52004 affects MediaCMS (Python/Django + React, REST API). Root cause: insufficient input validation during media upload, allowing remote code execution under specific conditions when the portal permits uploading content. Affected versions: all prior to 4.1.0; patched in 4.1.0. Practical ...

8.7 CVSS, 7.4 AI score, 0.06647 EPSS
Exploits 0, References 2
Cvelist
added 2024/11/08 10:10 p.m., 22 views

CVE-2024-52004 Remote code execution vulnerabilities in MediaCMS

MediaCMS is an open source video and media CMS, written in Python/Django and React, featuring a REST API. MediaCMS has been prone to vulnerabilities that upon special cases can lead to remote code execution. All versions before v4.1.0 are susceptible, and users are highly recommended to...

8.7 CVSS, 0.06647 EPSS
Exploits 0, References 2
OSV
added 2024/11/08 10:10 p.m., 16 views

CVE-2024-52004 Remote code execution vulnerabilities in MediaCMS

MediaCMS is an open source video and media CMS, written in Python/Django and React, featuring a REST API. MediaCMS has been prone to vulnerabilities that upon special cases can lead to remote code execution. All versions before v4.1.0 are susceptible, and users are highly recommended to...

8.7 CVSS, 8.1 AI score, 0.06647 EPSS
Exploits 0, References 4
Vulnrichment
added 2024/11/08 10:10 p.m., 35 views

CVE-2024-52004 Remote code execution vulnerabilities in MediaCMS

MediaCMS is an open source video and media CMS, written in Python/Django and React, featuring a REST API. MediaCMS has been prone to vulnerabilities that upon special cases can lead to remote code execution. All versions before v4.1.0 are susceptible, and users are highly recommended to...

8.7 CVSS, 7.4 AI score, 0.06647 EPSS
Exploits 0, References 2
OSSF Malicious Packages
added 2024/11/07 3:15 p.m., 2 views

Malicious code in jupyterhub-admin-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2bee2e180dd90b59b6e2eec893ee6c4728364ca53979d371ae2f6b3c20b5198e The OpenSSF Package Analysis project identified 'jupyterhub-admin-react' @ 1.0.0 npm as malicious. It is considered malicious because: - The...

6.9 AI score
Exploits 0
OSV
added 2024/11/07 3:15 p.m., 3 views

MAL-2024-10472 Malicious code in jupyterhub-admin-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2bee2e180dd90b59b6e2eec893ee6c4728364ca53979d371ae2f6b3c20b5198e The OpenSSF Package Analysis project identified 'jupyterhub-admin-react' @ 1.0.0 npm as malicious. It is considered malicious because: - The...

7.1 AI score
Exploits 0
OSSF Malicious Packages
added 2024/11/07 8:20 a.m., 3 views

Malicious code in @bytedanc-ad/mui-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0b302cda103ab4e9d60bced8da79df7126ab12cceee30b5ca171d20bc10c1a77 The OpenSSF Package Analysis project identified '@bytedanc-ad/mui-react' @ 89.3.5 npm as malicious. It is considered malicious because: - The...

6.9 AI score
Exploits 0
OSV
added 2024/11/07 8:20 a.m., 1 views

MAL-2024-10465 Malicious code in @bytedanc-ad/mui-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0b302cda103ab4e9d60bced8da79df7126ab12cceee30b5ca171d20bc10c1a77 The OpenSSF Package Analysis project identified '@bytedanc-ad/mui-react' @ 89.3.5 npm as malicious. It is considered malicious because: - The...

7.1 AI score
Exploits 0
BDU FSTEC
added 2024/10/31 12:0 a.m., 2 views

The vulnerability of the JavaScript and TypeScript matrix-react-sdk development tools lies in the insufficient protection of sensitive data. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the JavaScript and TypeScript matrix-react-sdk development tools is related to insufficient protection of sensitive data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

5.3 CVSS, 5.5 AI score, 0.00526 EPSS
Exploits 0, References 7, Affected Software 1
OSSF Malicious Packages
added 2024/10/30 3:16 a.m., 4 views

Malicious code in react-native-blue-crypto (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 25cdf24ea56c6768c56579fca642bb9bf9510233ad5c87f48f9ec0cfc336c8c1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits 0, References 3
OSV
added 2024/10/30 3:16 a.m., 6 views

MAL-2024-10277 Malicious code in react-native-blue-crypto (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 25cdf24ea56c6768c56579fca642bb9bf9510233ad5c87f48f9ec0cfc336c8c1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits 0, References 3
Securelist
added 2024/10/23 11:0 a.m., 21 views

The Crypto Game of Lazarus APT: Investors vs. Zero-days

Introduction Lazarus APT and its BlueNoroff subgroup are a highly sophisticated and multifaceted Korean-speaking threat actor. We closely monitor their activities and quite often see them using their signature malware in their attacks — a full-feature backdoor called Manuscrypt. According to our...

9.6 CVSS, 7.7 AI score, 0.01063 EPSS
Exploits 2
Veracode
added 2024/10/23 6:24 a.m., 3 views

Key Injection

matrix-react-sdk is vulnerable to Key Injection. The vulnerability is due to the SDK sharing historical message keys on invite, allowing a malicious homeserver to inject a malicious device and steal message keys when a user invites another user to a room...

8.7 CVSS, 6.6 AI score, 0.00526 EPSS
Exploits 0, References 4, Affected Software 1
OSV
added 2024/10/22 6:2 a.m., 3 views

MAL-2024-9458 Malicious code in monday-react-quickstart-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware eeeade5f5aa91633c87be63e8346db1068379e848dc4eee6832107dbb9f96cf3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits 0, References 1
vulnersOsv
added 2024/10/19 6:30 a.m., 4 views

-tompan-reacttemplate (>=1.0.1 <=1.1.0), 0726react (=0.1.1) +31091 more potentially affected by CVE-2024-21536 via http-proxy-middleware (>=0.10.0 <=2.0.6)

http-proxy-middleware NPM version =0.10.0, =1.0.1, =1.1.0 - 0726react =0.1.1 - 0x0.icu.anima =0.1.0 - 0xgank-tea-advice-pull =1.0.0 - 0xgank-tea-balance-pencil =1.0.0 - 0xgank-tea-brick-bell =1.0.0 - 0xgank-tea-cake-victory =1.0.0 - 0xgank-tea-central-compound =1.0.0 - 0xgank-tea-characteristic...

7.5 CVSS, 7.1 AI score, 0.00364 EPSS
Exploits 1
OSSF Malicious Packages
added 2024/10/16 1:19 p.m., 1 views

Malicious code in soc-react-ui (npm)

--- -= Per source details. Do not edit below this line.=-...

7 AI score
Exploits 0
OSV
added 2024/10/16 1:19 p.m., 3 views

MAL-2024-9860 Malicious code in soc-react-ui (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1 AI score
Exploits 0