MAL-2025-47003 Malicious code in @i22/scroll-animation (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1297ada7ed50f62fa70a5afda0a5f25b8e52d052e53dc69c23b9927d6024c15f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview @i22/scroll-animation is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in @i22/scroll-animation (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1297ada7ed50f62fa70a5afda0a5f25b8e52d052e53dc69c23b9927d6024c15f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-50986

diskover-web v2.3.0 Community Edition suffers from multiple stored cross-site scripting XSS vulnerabilities in its administrative settings interface. Various configuration fields such as ESHOST, ESINDEXREFRESH, ESPORT, ESSCROLLSIZE, ESTRANSLOGSIZE, ESTRANSLOGSYNCINT, EXCLUDESFILES, FILETYPES,...

CVE-2025-50986

diskover-web v2.3.0 Community Edition suffers from multiple stored cross-site scripting XSS vulnerabilities in its administrative settings interface. Various configuration fields such as ESHOST, ESINDEXREFRESH, ESPORT, ESSCROLLSIZE, ESTRANSLOGSIZE, ESTRANSLOGSYNCINT, EXCLUDESFILES, FILETYPES,...

CVE-2025-49897 WordPress Vertical scroll slideshow gallery v2 plugin <= 9.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in gopiplus Vertical scroll slideshow gallery v2 allows Blind SQL Injection. This issue affects Vertical scroll slideshow gallery v2: from n/a through 9.1...

CVE-2025-49897 WordPress Vertical scroll slideshow gallery v2 plugin <= 9.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in gopiplus Vertical scroll slideshow gallery v2 allows Blind SQL Injection. This issue affects Vertical scroll slideshow gallery v2: from n/a through 9.1...

CVE-2025-49897

CVE-2025-49897 affects the WordPress plugin Vertical scroll slideshow gallery v2 (versions

WordPress Vertical scroll slideshow gallery v2 plugin <= 9.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Peter Thaleikis Patchstack Alliance in WordPress Plugin Vertical scroll slideshow gallery v2 versions = 9.1...

WordPress plugin Vertical scroll slideshow gallery SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...

PT-2025-33491 · Unknown · Gopiplus Vertical Scroll Slideshow Gallery

Name of the Vulnerable Software and Affected Versions: gopiplus Vertical scroll slideshow gallery versions n/a through 9.1 Description: Improper neutralization of special elements used in an SQL command 'SQL Injection' allows for Blind SQL Injection. Recommendations: At the moment, there is no...

MAL-2025-19920 Malicious code in ev-scroll-loader (npm)

The package ev-scroll-loader was found to contain malicious code...

Malicious code in ev-scroll-loader (npm)

The package ev-scroll-loader was found to contain malicious code...

MAL-2025-30862 Malicious code in purejs-onepage-scroll (npm)

The package purejs-onepage-scroll was found to contain malicious code...

Malicious code in purejs-onepage-scroll (npm)

The package purejs-onepage-scroll was found to contain malicious code...

WordPress Anchor smooth scroll plugin <= 1.0.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by LVT-tholv2k in WordPress Plugin Anchor smooth scroll versions = 1.0.2...

CVE-2025-5752 Vertical scroll image slideshow gallery <= 11.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via width Parameter

The Vertical scroll image slideshow gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘width’ parameter in all versions up to, and including, 11.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress plugin Vertical scroll image slideshow gallery cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

MAL-2025-5723 Malicious code in react-router-scroll-navar (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5e8e2c3b7417b2b59415f2f9ce55b82be6594510752b41c70e05cb8fff7fb243 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

UBUNTU-CVE-2025-38213

In the Linux kernel, the following vulnerability has been resolved: vgacon: Add check for vcorigin address range in vgaconscroll Our in-house Syzkaller reported the following BUG twice, which we believed was the same issue with 1: ==================================================================...