Malicious code in camera-kit-react-native-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9dd6f549d4d0f68b91fde2f49d2d3d424d09a744224c5b2f97c9c7fc901f51b4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10844 Malicious code in camera-kit-react-native-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9dd6f549d4d0f68b91fde2f49d2d3d424d09a744224c5b2f97c9c7fc901f51b4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MarkUs 代码问题漏洞

MarkUs is a Ruby on Rails and React web application from MarkUs open source for submitting and grading student assignments. A code issue vulnerability exists in MarkUs versions prior to v2.4.8, which stems from the presence of an arbitrary file write vulnerability that allows an authenticated use...

Malicious code in react-pro-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e36b1f84a78fdd75413789d169ba2770aee6218073cb5a52d7ce2997b7684a74 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10776 Malicious code in react-pro-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e36b1f84a78fdd75413789d169ba2770aee6218073cb5a52d7ce2997b7684a74 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in react-is-16 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 66059d9e879f615ec449be8496988b1e02f5bfdcf0ba355c2fba23a87777b494 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10775 Malicious code in react-is-16 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 66059d9e879f615ec449be8496988b1e02f5bfdcf0ba355c2fba23a87777b494 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in react-dnd11 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3abac394d106ae074488aa3883fd1ca456e2763dc26aaa557c47281252f89434 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10774 Malicious code in react-dnd11 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3abac394d106ae074488aa3883fd1ca456e2763dc26aaa557c47281252f89434 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-51750 Element allows a malicious homeserver can modify events leading to unrenderable events or rooms

Element is a Matrix web client built using the Matrix React SDK. A malicious homeserver can send invalid messages over federation which can prevent Element Web and Desktop from rendering single messages or the entire room containing them. This was patched in Element Web and Desktop 1.11.85...

CVE-2024-51750

CVE-2024-51750 affects Element Web/Desktop prior to version 1.11.85. A malicious homeserver can send invalid messages over federation, which can prevent rendering of single messages or the entire room containing them. The issue is documented across multiple feeds, with remediation implemented in ...

CVE-2024-51750 Element allows a malicious homeserver can modify events leading to unrenderable events or rooms

Element is a Matrix web client built using the Matrix React SDK. A malicious homeserver can send invalid messages over federation which can prevent Element Web and Desktop from rendering single messages or the entire room containing them. This was patched in Element Web and Desktop 1.11.85...

CVE-2024-51749 Element's thumbnails can be abused to misrepresent the content of an attachment

Element is a Matrix web client built using the Matrix React SDK. Versions of Element Web and Desktop earlier than 1.11.85 do not check if thumbnails for attachments, stickers and images are coherent. It is possible to add thumbnails to events trigger a file download once clicked. Fixed in...

CVE-2024-51749 Element's thumbnails can be abused to misrepresent the content of an attachment

Element is a Matrix web client built using the Matrix React SDK. Versions of Element Web and Desktop earlier than 1.11.85 do not check if thumbnails for attachments, stickers and images are coherent. It is possible to add thumbnails to events trigger a file download once clicked. Fixed in...

CVE-2024-51749 Element's thumbnails can be abused to misrepresent the content of an attachment

Element is a Matrix web client built using the Matrix React SDK. Versions of Element Web and Desktop earlier than 1.11.85 do not check if thumbnails for attachments, stickers and images are coherent. It is possible to add thumbnails to events trigger a file download once clicked. Fixed in...

Malicious code in eslint-config-finance-web-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e725f78fcf3a683c99f793d4f5e9b51d1d8f7a447baa713cab5c5efd8928f6e4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in aem-core-react-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 95d42e3a74bd354e1f4c9ce919082af4d0f85a5bbb6cbd5f32eab262ba83cd6c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10549 Malicious code in aem-core-react-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 95d42e3a74bd354e1f4c9ce919082af4d0f85a5bbb6cbd5f32eab262ba83cd6c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-52004

MediaCMS is an open source video and media CMS, written in Python/Django and React, featuring a REST API. MediaCMS has been prone to vulnerabilities that upon special cases can lead to remote code execution. All versions before v4.1.0 are susceptible, and users are highly recommended to...

CVE-2024-52004 Remote code execution vulnerabilities in MediaCMS

MediaCMS is an open source video and media CMS, written in Python/Django and React, featuring a REST API. MediaCMS has been prone to vulnerabilities that upon special cases can lead to remote code execution. All versions before v4.1.0 are susceptible, and users are highly recommended to...