Malicious code in coredxloader (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b26408ee7735357c61e0a81e60620000999ef84eba419797b20858e5ce5b4a62 During importing, code starts a malicious script performing exfiltration of sensitive data and credentials from e.g. browsers and Discord clients to a remote...

Malicious code in apachelicense (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9d96d45a87e117e72107d6d6dfbe8c4e94323323bc28ce9accd8ccba39a0a46c Malicious clone of legitimate "license" package. When using the findbykey function, the malicious code from strongly obfuscated files is loaded. It then at lea...

CVE-2026-25055 n8n Arbitrary File Write on Remote Systems via SSH Node

n8n is an open source workflow automation platform. Prior to versions 1.123.12 and 2.4.0, when workflows process uploaded files and transfer them to remote servers via the SSH node without validating their metadata the vulnerability can lead to files being written to unintended locations on those...

CVE-2025-9595

A vulnerability was found in code-projects Student Information Management System 1.0. The impacted element is an unknown function of the file /login.php. The manipulation of the argument uname results in cross site scripting. The attack may be performed from a remote location. The exploit has bee...

PT-2025-35153

Name of the Vulnerable Software and Affected Versions: code-projects Student Information Management System version 1.0 Description: A cross site scripting issue exists due to the manipulation of the uname argument. The issue is located in an unknown function of the file /login.php. The attack can...

Malicious code in zmaker (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2f4ac88a121488df2fdfa1cb5409f3443f658a30d679f20acc41dd2c656bd3b8 Campaign is split into multiple packages that altogether exfiltrates data from desktop Telegram application. 1. "pyapiepo" is a cover package that provides som...

Malicious code in pyapiepo (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 69aee56f4c3bce704bc65574959aee0226417e4d6a6e05e662d6fa235c12815f Campaign is split into multiple packages that altogether exfiltrates data from desktop Telegram application. 1. "pyapiepo" is a cover package that provides som...

Malicious code in zsender (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 64454f4348553cc0321094cffaef685d8977dd95ccf1c07dc54e2b8b3c39a8f0 Campaign is split into multiple packages that altogether exfiltrates data from desktop Telegram application. 1. "pyapiepo" is a cover package that provides som...

CVE-2020-36835

The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to sensitive information disclosure of a WordPress site's database due to missing capability checks on the wpajaxwpvividaddremote AJAX action that allows low-level authenticated attackers to send back-ups to a remote...

CVE-2020-36835

The CVE-2020-36835 entry concerns the WordPress WPvivid Migration, Backup, Staging plugin. Affected component: wp_ajax_wpvivid_add_remote AJAX action. Root cause: missing capability checks allow low‑level authenticated attackers to exfiltrate the WordPress site database by sending backups to a re...

PT-2024-26082 · Samsung · Samsung Assistant

Name of the Vulnerable Software and Affected Versions: Samsung Assistant versions prior to 9.1.00.7 Description: The issue is related to the improper handling of insufficient permissions in Samsung Assistant, allowing remote attackers to access location data. User interaction is required for...

CVE-2024-6449

HyperView Geoportal Toolkit (versions

CVE-2023-34212

The JndiJmsConnectionFactoryProvider Controller Service, along with the ConsumeJMS and PublishJMS Processors, in Apache NiFi 1.8.0 through 1.21.0 allow an authenticated and authorized user to configure URL and library properties that enable deserialization of untrusted data from a remote location...

GHSA-7X45-PHMR-9WQP Arbitrary file write in mindsdb when Extracting Tarballs retrieved from a remote location

Summary An unsafe extraction is being performed using shutil.unpackarchive from a remotely retrieved tarball. Which may lead to the writing of the extracted files to an unintended location. This vulnerability is sometimes called a TarSlip or a ZipSlip variant. Details Unpacking files using the...

CVE-2023-25266

An issue was discovered in Docmosis Tornado prior to version 2.9.5. An authenticated attacker can change the Office directory setting pointing to an arbitrary remote network path. This triggers the execution of the soffice binary under the attackers control leading to arbitrary remote code...

GHSA-GVG3-83Q4-RFHQ Command injection in Apache Sling

Apache Sling JCR Base 3.1.12 has a critical injection vulnerability when running on old JDK versions JDK 1.8.191 or earlier through utility functions in RepositoryAccessor. The functions getRepository and getRepositoryFromURL allow an application to access data stored in a remote location via JDN...

CVE-2023-25141

Apache Sling JCR Base 3.1.12 has a critical injection vulnerability when running on old JDK versions JDK 1.8.191 or earlier through utility functions in RepositoryAccessor. The functions getRepository and getRepositoryFromURL allow an application to access data stored in a remote location via JDN...

Design/Logic Flaw

Apache Sling JCR Base 3.1.12 has a critical injection vulnerability when running on old JDK versions JDK 1.8.191 or earlier through utility functions in RepositoryAccessor. The functions getRepository and getRepositoryFromURL allow an application to access data stored in a remote location via JDN...

CVE-2022-3034

When receiving an HTML email that specified to load an iframe element from a remote location, a request to the remote document was sent. However, Thunderbird didn't display the document. This vulnerability affects Thunderbird 102.2.1 and Thunderbird 91.13.1...

CVE-2022-3034

When receiving an HTML email that specified to load an iframe element from a remote location, a request to the remote document was sent. However, Thunderbird didn't display the document. This vulnerability affects Thunderbird 102.2.1 and Thunderbird 91.13.1...