210 matches found
Malicious code in serious-blush-raccoon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b2186240116c8ad343d24630dec3be48f8105d0f3b2890ad19ee5d55b33fefe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-52109
Malicious code in serious-emerald-warbler npm...
EUVD-2025-45336
Malicious code in seriousmeadowlarkz3n npm...
EUVD-2005-0506
Malware in sbrugna...
EUVD-2004-1204
Malware in sbrugna...
EUVD-2003-1133
Malware in sbrugna...
EUVD-2009-3932
Malware in sbrugna...
EUVD-2024-31366
Malicious code in bioql PyPI...
EUVD-2023-29677
Malicious code in bioql PyPI...
EUVD-2024-35520
Malicious code in bioql PyPI...
The Dangerous Truth About the ‘Nonlethal’ Weapons Used Against LA Protesters
While they can cause serious injuries, “nonlethal” weapons are regularly used in the United States to disperse public demonstrations, including at the recent ICE protests in Los Angeles...
CVE-2025-3460
The CVE-2025-3460 issue affects Quantenna Wi‑Fi chipsets via the SDK up to version 8.0.0.28. A local command-injection vulnerability exists in the local control scripts (set_tx_pow; router_command.sh in the sync_time/get_syslog_from_qtn arguments), classified as CWE-88 (Argument Injection). CVSS ...
CVE-2024-8738
The Seriously Simple Stats plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.6.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts i...
CVE-2024-33650
Cross-Site Request Forgery CSRF vulnerability in Cryout Creations Serious Slider.This issue affects Serious Slider: from n/a through 1.2.4...
CVE-2024-35762
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Cryout Creations Serious Slider allows Stored XSS.This issue affects Serious Slider: from n/a through 1.2.4...
CVE-2024-11108
The Serious Slider WordPress plugin before 1.2.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
Microsoft Windows Multiple Vulnerabilities (KB5058392)
This host is missing an important security update according to Microsoft KB5058392 SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...
WordPress Serious Slider plugin < 1.2.7 - Contributor+ Stored XSS via Shortcode vulnerability
Contributor+ Stored XSS via Shortcode vulnerability discovered by Bob Matyas in WordPress Plugin Serious Slider versions 1.2.7...
CVE-2024-11108
The Serious Slider WordPress plugin before 1.2.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2024-11108
The Serious Slider WordPress plugin before 1.2.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...