1412 matches found
MAL-2024-11496 Malicious code in widget-session-sample (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in sendbird-chatgpt-sample-react (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in quickstart-live-audio-only-sample-javascript (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-11429 Malicious code in quickstart-live-audio-only-sample-javascript (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in openpass-sample-sites-client-js-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 22761b2b3783be8fe56b0c5a6dcf9a5ad086a0be989ebb32123064f9800a7a1e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11218 Malicious code in openpass-sample-sites-client-js-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 22761b2b3783be8fe56b0c5a6dcf9a5ad086a0be989ebb32123064f9800a7a1e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in openpass-sample-sites-piano-io (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 49f0304f3f60bf5d349bb9e70fe90a204d906a2213b87d66e41afe3b0c1ddc8e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11214 Malicious code in openpass-sample-sites-piano-io (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 49f0304f3f60bf5d349bb9e70fe90a204d906a2213b87d66e41afe3b0c1ddc8e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
OpenEXR: Heap Overflow in Scanline Deep Data Parsing
A vulnerability was found in the Academy Software Foundation OpenEXR and requires that a malicious EXR file image is parsed by the target device or environment using OpenEXR. This issue occurs due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanlin...
OpenEXR: Heap Overflow in Scanline Deep Data Parsing
A vulnerability was found in the Academy Software Foundation OpenEXR and requires that a malicious EXR file image is parsed by the target device or environment using OpenEXR. This issue occurs due to a failure in validating the number of scanline samples of an OpenEXR file containing deep scanlin...
Exploit for Missing Authentication for Critical Function in Cyberpanel
CVE-2024-51567 Exploit Script CVE-2024-51567 is a Python...
Malicious code in @ciam-expressjs-vanilla-samples/shared (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis cc28deadcf9235665f79c65d92ca7684f27361c14efa6bcd44ad82b40947b9df The OpenSSF Package Analysis project identified '@ciam-expressjs-vanilla-samples/shared' @ 1.0.1 npm as malicious. It is considered malicious...
Malicious code in test-package-sample (PyPI)
--- -= Per source details. Do not edit below this line.=-...
bittytax (=0.5.2), creme-crm (>=2.3.1 <=2.6.20) +22 more potentially affected by CVE-2024-25885 via xhtml2pdf (>=0.0.6 <=0.2.16)
xhtml2pdf PYPI version =0.0.6, =2.3.1, =0.3.0, =1.0.0, =1.0.3, =1.0.2, =1.0.3, =0.1.132, =1.6.0, =3.0.0, =0.1.11, =0.1.10, =0.1.11 and more Source cves: CVE-2024-25885 Source advisory: OSV:GHSA-JJ5C-HHRG-VV5H...
CVE-2024-45060 Unauthenticated Cross-Site-Scripting (XSS) in sample file in PHPSpreadsheet
PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. One of the sample scripts in PhpSpreadsheet is susceptible to a cross-site scripting XSS vulnerability due to improper handling of input where a number is expected leading to formula injection. The code in in...
PhpSpreadsheet has an Unauthenticated Cross-Site-Scripting (XSS) in sample file
Summary One of the sample scripts in PhpSpreadsheet is susceptible to a cross-site scripting XSS vulnerability due to improper handling of input where a number is expected leading to formula injection. Details The following code in 45Quadraticequationsolver.php concatenates the user supplied...
PT-2024-31412 · Unknown · Phpspreadsheet
Name of the Vulnerable Software and Affected Versions: PHPSpreadsheet versions prior to 1.29.2 PHPSpreadsheet versions prior to 2.1.1 PHPSpreadsheet versions prior to 2.3.0 Description: The issue is related to a cross-site scripting XSS vulnerability in one of the sample scripts in PHPSpreadsheet...
Malicious code in document-sample (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bb99caad7a94acc80fdf591c1a9085e6ffcca64b8142700fe45c1e647fed2c93 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-9023 Malicious code in sbm-react-native-sample (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2e2afb605fb618703ab0a396b16a0194c7c92063c40e98058cb1e012dd9c283f The OpenSSF Package Analysis project identified 'sbm-react-native-sample' @ 1.5.0 npm as malicious. It is considered malicious because: - The...
Malicious code in sbm-react-native-sample (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2e2afb605fb618703ab0a396b16a0194c7c92063c40e98058cb1e012dd9c283f The OpenSSF Package Analysis project identified 'sbm-react-native-sample' @ 1.5.0 npm as malicious. It is considered malicious because: - The...