MAL-2025-142523 Malicious code in flare-commitizen-graphql-barnard (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector edafc44dd5f36d5fa54bf30d998c963dac42355a9ca104a929a926e16a49d7a3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

CVE-2023-4282

The EmbedPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'adminpostremove' and 'removeprivatedata' functions in versions up to, and including, 3.8.2. This makes it possible for authenticated attackers with subscriber privileges or...

EmbedPress < 3.8.3 - Subscriber+ Plugin Settings Delete

Description The plugin does not properly authorize access to its adminpostremove and removeprivatedata actions, allowing low privileged users such as subscribers to delete plugin settings...

CVE-2020-8590

Clustered Data ONTAP versions prior to 9.1P18 and 9.3P12 are susceptible to a vulnerability which could allow an attacker to discover node names via AutoSupport bundles even when the –remove-private-data parameter is set to true...

CVE-2020-8578

Clustered Data ONTAP versions prior to 9.3P20 are susceptible to a vulnerability which could allow an attacker to discover node names via AutoSupport bundles even when the –remove-private-data parameter is set to true...

Netapp Clustered Data ONTAP 安全漏洞

NetApp Clustered Data ONTAP is NetApp's proprietary operating system for storage disk arrays. An information disclosure vulnerability exists in NetApp Clustered Data ONTAP versions prior to 9.3P20. An attacker can exploit this vulnerability via the AutoSupport bundle to discover node names even i...