Malicious code in magellan-selenium-webdriver-manager-chromedriver (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbc85defb5c47d81a6b7152dddb64836d50ee11205bac70928844a4534b6d9e0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-111451

Malicious code in magellan-selenium-webdriver-manager-chromedriver npm...

EUVD-2019-0252

Malware in sbrugna...

EUVD-2019-0356

Malware in sbrugna...

MAL-2025-5984 Malicious code in @3kali182/selenium-webdriver4 (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bff78cc4315b550d5909b8c816e780ca2f8d9a2faf17fcf35ec85eecdec84644 Any computer that has this package installed or running should be considered...

NULL Pointer Dereference

Overview Selenium.WebDriver is a .NET bindings for the Selenium WebDriver API Affected versions of this package are vulnerable to NULL Pointer Dereference due to an insufficient check on CookieWndProc function. An attacker can cause the application to crash by sending specially crafted data that...

Splunk Enterprise 7.2.4 - Custom App RCE (Persistent Backdoor - Custom Binary Payload) Exploit

Exploit for windows platform in category web applications !/usr/bin/python Exploit Title: Splunk Enterprise 7.2.4 Custom App RCE persistent backdoor - custom binary payload Exploit Author: Matteo Malvica Original Author: Lee Mazzoleni Vendor Homepage: https://www.splunk.com/ Software Link:...

selenium-binaries downloads resources over HTTP

Versions of selenium-binaries prior to 0.15.0 insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code...

GHSA-H4MC-R4F4-HCF4 selenium-binaries downloads resources over HTTP

Versions of selenium-binaries prior to 0.15.0 insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code...

CVE-2016-10601

webdrvr is a npm wrapper for Selenium Webdriver including Chromedriver / IEDriver / IOSDriver / Ghostdriver. webdrvr downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an...

CVE-2016-10601

webdrvr is a npm wrapper for Selenium Webdriver including Chromedriver / IEDriver / IOSDriver / Ghostdriver. webdrvr downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an...

Remote code execution

webdrvr is a npm wrapper for Selenium Webdriver including Chromedriver / IEDriver / IOSDriver / Ghostdriver. webdrvr downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an...

CVE-2016-10601

webdrvr is a npm wrapper for Selenium Webdriver including Chromedriver / IEDriver / IOSDriver / Ghostdriver. webdrvr downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested binary with an...

Automating Opera browser with Selenium WebDriver and Python

The right way to automate a web application is, certainly, to understand how this application works, by using burp see "Burp Suite Free Edition and NTLM authentication in ASP.net applications" for example, retrieve all necessary requests and learn how to use them. However, this is sometimes so...

Security update for MozillaFirefox, mozilla-nss (important)

Mozilla Firefox was updated to 48.0 to fix security issues, bugs, and deliver various improvements. The following major changes are included: - Process separation e10s is enabled for some users - Add-ons that have not been verified and signed by Mozilla will not load - WebRTC enhancements - The...