Malicious code in @guards-lib/auth (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b72a9569fc4d43fe6d130bd5ecad08b4e9442b7ca7d8b03c4bfc8a44916d3e6 The package @guards-lib/auth was found to contain malicious code. Source: ghsa-malware 47112682da1426da21d8164ed1b9dd3a0dfa3e989e43b8143aad8831987f65...

Malicious code in n8n-nodes-csv-parse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 011372ed1f40a4259802291679f8db573c8435e904c38e02482b4589d16c60c7 The package n8n-nodes-csv-parse was found to contain malicious code. Source: ghsa-malware...

ABB AWIN Gateways

SUMMARY ABB became aware of vulnerability in the products versions listed as affected in the advisory. An update is available that resolves the reported vulnerabilities. AWIN gateways are not intended to be internet-facing. An attacker who successfully exploited this vulnerability could take...

MAL-2026-1355 Malicious code in @dappaoffc/baileys-mod (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee2d90dce9a6d45cb24a57cb738764c3675c7b5e6a594a15f8130938bcf5a886 The package @dappaoffc/baileys-mod was found to contain malicious code. Source: ghsa-malware...

Malicious code in hiqomu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0f1b14ad8ceaca23c5a536740bb79e0425805fb3df3bd23448dd6cee7af377ad The package hiqomu was found to contain malicious code. Source: ghsa-malware 0bd082bac5a58a31b60a13d745e6ec55d8e49b1e4d5d17c9f3711f28e611f0de Any...

ABB Terra AC

SUMMARY ABB is aware of vulnerabilities in the product versions listed as affected in the advisory. An attacker who successfully exploited this vulnerability could cause the pollution of heap memory which potentially takes remote control of the product and performs a write operation to the flash...

EUVD-2017-2459

Malware in sbrugna...

EUVD-2018-2675

Malware in sbrugna...

Malicious code in servula (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8505d9630f35be52fc05427d2e1cbc9e0fe1ec0de764803117447e8b0b8d265e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Siemens Energy Services

SUMMARY Siemens Energy Services previously known as Managed Applications and Services, sell solutions using Elspec G5 Digital Fault Recorder which contains default credentials with admin privileges. A client configuration with remote access could allow an attacker to gain remote control of the...

CVE-2019-12503

Due to unencrypted and unauthenticated data communication, the wireless barcode scanner Inateck BCST-60 is prone to keystroke injection attacks. Thus, an attacker is able to send arbitrary keystrokes to a victim's computer system, e.g., to install malware when the target system is unattended. In...

Malicious code in nodejs-website (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 78f634e9e89620bdae97a2ba6be1914334b29090ecd8c222adae9b81f2a0bbf1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in nl-wallet-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8bf94087c465bb67e65d34148f6aad2a5592fa4653e4705ca81533f5ac3f6091 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

ABB FLXEON Controllers

SUMMARY An update is available that resolves a privately reported vulnerability in the product versions listed as affected in this advisory. FLXEON devices are not intended to be internet-facing. A product advisory issued in June 2023 informed customers of this parameter. An attacker can...

Malicious code in meditek (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 79ebeff786b44dfe1e4d9920b228a143335564879c286690455423f754824a88 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in dimaspedia (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0c763b10d1c1518d7a1b83655aa43d38243278e71daad1953955c08b1b93d095 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @zitterorg/adipisci-quae-eius (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1bfec270c90b3be9a92be8e18740b194c8100b3df718b92afe8d0aed6b22a916 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-5777 Weintek EasyBuilder Pro Use of Hard-coded Credentials

Weintek EasyBuilder Pro contains a vulnerability that, even when the private key is immediately deleted after the crash report transmission is finished, the private key is exposed to the public, which could result in obtaining remote control of the crash report server...

CVE-2023-36669

Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit IDU before 11.4 allows remote attackers to obtain arbitrary control of the IDU/ODU system. Any attacker with layer-3 network access to the IDU can impersonate the Touch Panel Unit TPU within the IDU by sending crafte...

Malicious code in we-lib-login-tgp (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b4f8e6e5c0168af0a89093c3d059ec1c5c00c6c2bdf595da95c57fa2175d1387 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...