19 matches found
Malicious code in vxui-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bde616ebc21909bfa386bf8e49438da710f48b62ae3127f2a7259c71557a4242 package.json declares a postinstall script that runs curl -skL...
MAL-2026-4677 Malicious code in swift-optimizer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c54f35da6df5cef65715d49fb7942aff442ee9a0cb486862031e5009277db3a On npm install, [email protected] runs scripts/install-binary.js as a postinstall hook. The script is a hand-rolled JavaScript bytecode VM 123 KB...
MAL-2026-3682 Malicious code in @chahuadev/junk-sweeper-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d446150767f92344d8d0a699f5879bd746200fb8beb60554408699868f03d51 The package's postinstall script package.json line 10: "postinstall": "node install.js" unconditionally fetches a platform-native executable from...
Malicious code in kube-health-tools (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4d36d5ed9b1bc15c12e89f48c1228a4f6e3aebe558a67d535655e280b25b4440 During import, the code download and starts remote executable that later connects to a C2 server, likely establishing a reverse tunnel. After executing the...
Malicious code in pulsecord (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 025d4e33a2037fb9ad36cb4b08b122e4439bb4932b73ac6c6f403609e7e1c09e This package is prepared for silent execution of a malicious executable, with disabling AV protection. While there is no link to the malicious binary inside, t...
Gradio 数据伪造问题漏洞
Gradio, an open source Python library open sourced by Hugging Face, is a method for demonstrating machine learning models through a friendly web interface. Gradio suffers from a Data Forgery Problem vulnerability that stems from the fact that if an attacker gains access to the remote URL where th...
Reprise License Manager 14.2 Remote Binary Execution
Product: Reprise License Manager 14.2 Vendor: Reprise Software CVE ID: CVE-2021-44153 Vulnerability Title: Authenticated Remote Binary Execution Severity: High Authors: Mark Staal Steenberg, Bilal El Ghoul, Gionathan Armando Reale, Andreas Fyhn Andersen, Oliver Lind Nordestgaard Date: 2021-11-25...
Reprise License Manager 14.2 Remote Binary Execution Vulnerability
Product: Reprise License Manager 14.2 Vendor: Reprise Software CVE ID: CVE-2021-44153 Vulnerability Title: Authenticated Remote Binary Execution Severity: High Authors: Mark Staal Steenberg, Bilal El Ghoul, Gionathan Armando Reale, Andreas Fyhn Andersen, Oliver Lind Nordestgaard Introduction: Whe...
DWebPro 8.4.2 Remote Binary Execution / File Inclusion
Exploit Title: DWebPro 8.4.2 Remote Binary Execution Date: 01/10/2016 Exploit Author: Tulpa Contact: [email protected] Author website: www.tulpa-security.com Author twitter: @tulpasecurity Vendor Homepage: http://www.dwebpro.com/ Software Link: http://www.dwebpro.com/download Version: 8.4....
Microsoft Internet Explorer 11 DLL Hijacking
Abstract -------- Microsoft Internet Explorer 11 MSHTML.DLL Remote Binary Planting Vulnerability Affected Version: MSHTML.DLL 11.0.9600.18231 and probably below on Windows 7 SP1 Vendor Homepage: http://www.microsoft.com Severity: high Status: fixed CVE-ID: CVE-2016-0160 Description -----------...
ACROS Security: Remote Binary Planting in Apple Safari for Windows (ASPR #2010-09-08-1)
=====BEGIN-ACROS-REPORT===== PUBLIC ========================================================================= ACROS Security Problem Report 2010-09-08-1 ------------------------------------------------------------------------- ASPR 2010-09-08-1: Remote Binary Planting in Apple Safari for Windows...
Moovida Media Player version 2.0.0.15 Insecure DLL Hijacking Vulnerability (libc.dll,quserex.dll)
OVERVIEW The Moovida Media Player application is vulnerable to Insecure DLL Hijacking Vulnerability. Similar terms that describe this vulnerability have been come up with Remote Binary Planting, Unsafe Library Loading, and Insecure DLL Loading/Injection/Hijacking/Preloading. 2. PRODUCT...
Maxthon Browser version 2.5.15.1000 Insecure DLL Hijacking Vulnerability (dwmapi.dll)
OVERVIEW The Maxthon Browser application is vulnerable to Insecure DLL Hijacking Vulnerability. Similar terms that describe this vulnerability have been come up with Remote Binary Planting, and Insecure DLL Loading/Injection/Hijacking/Preloading. 2. PRODUCT DESCRIPTION Maxthon Browser is a...
Notepad++ version 5.7 Insecure DLL Hijacking Vulnerability
OVERVIEW The Notepad++ application is vulnerable to Insecure DLL Hijacking Vulnerability. Similar terms that describe this vulnerability have been come up with Remote Binary Planting, and Insecure DLL Loading/Injection/Hijacking/Preloading. 2. PRODUCT DESCRIPTION Based on the powerful editing...
QtWeb Browser version 3.3 build 043 Insecure DLL Hijacking Vulnerability (wintab32.dll)
OVERVIEW The QtWeb Browser application is vulnerable to Insecure DLL Hijacking Vulnerability. Similar terms that describe this vulnerability have been come up with Remote Binary Planting, and Insecure DLL Loading/Injection/Hijacking/Preloading. 2. PRODUCT DESCRIPTION QtWeb Browser is a...
Sun Directory < 6.3 bind-dn Remote Privilege Escalation
Binary data 4491.prm...
php local buffer underflow could lead to arbitary code execution
Affected versions: php 5.1.4 and older, 4.4.3 and possibly older Cause: when php-s sscanf functions format argument contains argument swap and extra arguments are given like. sscanf'foo ','$1s',$bar then it reads an pointer to pointer to zval structure past the end of argument array by one. Php...
Mutt < 1.5.11 imap/browse.c Remote Overflow
Binary data 3172.prm...
Pavuk < 0.9.32 Multiple Unspecified Remote Buffer Overflows
Binary data 2794.prm...