6 matches found
MAL-2026-4692 Malicious code in thevoid (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0ce4d125de5d699da897d074134f8d1f0a971aa23d9c3d6ff3330015fccad091 On install, postinstall.js performs an HTTPS request to void-relay.com carrying process.env contents along with host identifiers process.platform,...
EUVD-2023-50798
Malicious code in bioql PyPI...
CVE-2019-14403
cPanel before 78.0.18 offers an open mail relay because of incorrect domain-redirect routing SEC-483...
CVE-2023-46595
Net-NTLM leak via HTML injection in FireFlow VisualFlow workflow editor allows an attacker to obtain victim’s domain credentials and Net-NTLM hash which can lead to relay domain attacks. Fixed in A32.20 b570 or above, A32.50 b390 or above...
Okta Access Gateway 2020.5.5 Authenticated Remote Root Vulnerability
Okta Access Gateway v2020.5.5 Post-Auth Remote Root RCE CVE-2021-28113 ======= Details ======= There are two command injection bugs can that be triggered after authenticating to the web UI. Since the injection occurs when a script is executed with sudo, the commands are ran with root privileges...
CVE-2021-28113
A command injection vulnerability in the cookieDomain and relayDomain parameters of Okta Access Gateway before 2020.9.3 allows attackers with admin access to the Okta Access Gateway UI to execute OS commands as a privileged system account...