139 matches found
Malicious Package
Overview zeitwerk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
EUVD-2017-4820
Malware in sbrugna...
EUVD-2017-1197
Malware in sbrugna...
EUVD-2016-1420
Malware in sbrugna...
EUVD-2025-32579
A security vulnerability has been detected in code-projects Student Crud Operation 3.3. Affected is an unknown function of the file delete.php. The manipulation of the argument ID leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclosed publicly an...
EUVD-2022-29774
Malicious code in bioql PyPI...
Malicious Package
Overview @sev-ui-verse/react-query-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and th...
Malicious Package
Overview @s21games/game-engine is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview @cnx-ui/cnx-ui-core is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
CVE-2025-7277
creationtimestamp| type| source ---|---|--- 2025-07-08 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-524/...
CVE-2025-49882
creationtimestamp| type| source ---|---|--- 2025-06-17 18:28:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrt4q7weug2i...
CVE-2025-37919
No description is available for this CVE...
CVE-2025-24108
creationtimestamp| type| source ---|---|--- 2025-01-27 22:17:29+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgqxsm74af2f...
CVE-2024-13230
creationtimestamp| type| source ---|---|--- 2025-01-21 11:11:26+00:00| seen| https://infosec.exchange/users/cve/statuses/113866040035703869 2025-01-21 11:15:21+00:00| seen| https://infosec.exchange/users/cve/statuses/113866055399154408 2025-01-21 11:15:32+00:00| seen|...
Exploit for Code Injection in Geoserver
CVE-2024-36401 This is a program for checking vulnerabilities...
GHSA-476G-V7HF-CW5M Cross-site Scripting (XSS) in Document Properties Parameter
Impact This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Patches Update to version 10.5.21 or apply this patch manually...
GHSA-HFMG-G39C-5444 pimcore is vulnerable to cross-site scripting in translate module
Impact This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Patches Update to version 10.5.20 or apply this patch manually...
Pimcore vulnerable to improper quoting of filters in Custom Reports
Impact Since a user with 'report' permission can already write arbitrary SQL queries and given the fact that this endpoint is using the GET method no CSRF protection, an attacker can inject an arbitrary query by manipulating a user to click on a link. The impact of this path traversal and arbitra...
编号已被CVE保留
No details are available at this time...
编号已被CVE保留
No details are available at this time...