4915 matches found
MAL-2024-9792 Malicious code in react-native-community (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in react-and-rockets (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-9791 Malicious code in react-and-rockets (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in @iceberg-react/test-package (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-9466 Malicious code in @iceberg-react/test-package (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious homeservers can steal message keys when the matrix-react-sdk user invites another user to a room
Impact matrix-react-sdk before 3.102.0 allows a malicious homeserver to potentially steal message keys for a room when a user invites another user to that room, via injection of a malicious device controlled by the homeserver. This is possible because matrix-react-sdk before 3.102.0 shared...
GHSA-QCVH-P9JQ-WP8V Malicious homeservers can steal message keys when the matrix-react-sdk user invites another user to a room
Impact matrix-react-sdk before 3.102.0 allows a malicious homeserver to potentially steal message keys for a room when a user invites another user to that room, via injection of a malicious device controlled by the homeserver. This is possible because matrix-react-sdk before 3.102.0 shared...
CVE-2024-47824
matrix-react-sdk is react-based software development kit for inserting a Matrix chat/VOIP client into a web page. Starting in version 3.18.0 and before 3.102.0, matrix-react-sdk allows a malicious homeserver to potentially steal message keys for a room when a user invites another user to that roo...
CVE-2024-47824 Malicious homeservers can steal message keys when the matrix-react-sdk user invites another user to a room
matrix-react-sdk is react-based software development kit for inserting a Matrix chat/VOIP client into a web page. Starting in version 3.18.0 and before 3.102.0, matrix-react-sdk allows a malicious homeserver to potentially steal message keys for a room when a user invites another user to that roo...
CVE-2024-47824 Malicious homeservers can steal message keys when the matrix-react-sdk user invites another user to a room
matrix-react-sdk is react-based software development kit for inserting a Matrix chat/VOIP client into a web page. Starting in version 3.18.0 and before 3.102.0, matrix-react-sdk allows a malicious homeserver to potentially steal message keys for a room when a user invites another user to that roo...
CVE-2024-47824
Summary: CVE-2024-47824 affects matrix-react-sdk. Versions 3.18.0 through
CVE-2024-47824 Malicious homeservers can steal message keys when the matrix-react-sdk user invites another user to a room
matrix-react-sdk is react-based software development kit for inserting a Matrix chat/VOIP client into a web page. Starting in version 3.18.0 and before 3.102.0, matrix-react-sdk allows a malicious homeserver to potentially steal message keys for a room when a user invites another user to that roo...
matrix-react-sdk 信息泄露漏洞
matrix-react-sdk is a Matrix open source component for inserting the Matrix chat/voip client into web pages. An information disclosure vulnerability exists in matrix-react-sdk, which stems from the fact that matrix-react-sdk shares a history message key at invite time...
CVE-2024-47831
Next.js is a React Framework for the Web. Cersions on the 10.x, 11.x, 12.x, 13.x, and 14.x branches before version 14.2.7 contain a vulnerability in the image optimization feature which allows for a potential Denial of Service DoS condition which could lead to excessive CPU consumption. Neither t...
CVE-2024-47831
CVE-2024-47831 concerns Next.js image optimization DoS affecting Next.js branches 10.x–14.x prior to 14.2.7. The vulnerability allows high CPU usage under crafted image requests. Public details show remediation in Next.js 14.2.7. Workaround: ensure next.config.js sets either images.unoptimized, i...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
TPAS Log4Shell PoC This repository contains a Proof of Concep...
MAL-2024-9023 Malicious code in sbm-react-native-sample (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2e2afb605fb618703ab0a396b16a0194c7c92063c40e98058cb1e012dd9c283f The OpenSSF Package Analysis project identified 'sbm-react-native-sample' @ 1.5.0 npm as malicious. It is considered malicious because: - The...
Malicious code in sbm-react-native-sample (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2e2afb605fb618703ab0a396b16a0194c7c92063c40e98058cb1e012dd9c283f The OpenSSF Package Analysis project identified 'sbm-react-native-sample' @ 1.5.0 npm as malicious. It is considered malicious because: - The...
Malicious code in meraki-react-router (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0c83f2848053884da4ed2503526a13acf16087c512c728e406200da4b78084d9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-9004 Malicious code in meraki-react-router (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0c83f2848053884da4ed2503526a13acf16087c512c728e406200da4b78084d9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...