Lucene search
+L

210 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/11 12:41 a.m.2 views

Malicious code in serious-blush-raccoon (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b2186240116c8ad343d24630dec3be48f8105d0f3b2890ad19ee5d55b33fefe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/11 12:41 a.m.1 views

EUVD-2025-52109

Malicious code in serious-emerald-warbler npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/10 5:21 p.m.1 views

EUVD-2025-45336

Malicious code in seriousmeadowlarkz3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2005-0506

Malware in sbrugna...

7.5CVSS6.4AI score0.01572EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2004-1204

Malware in sbrugna...

5CVSS6.4AI score0.03588EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2003-1133

Malware in sbrugna...

7.5CVSS6.4AI score0.02777EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2009-3932

Malware in sbrugna...

7.5CVSS6.4AI score0.01051EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-31366

Malicious code in bioql PyPI...

4.3CVSS6.5AI score0.00214EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-29677

Malicious code in bioql PyPI...

5.7CVSS6AI score0.00252EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-35520

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00276EPSS
Exploits0References1
Wired Threat Level
Wired Threat Level
added 2025/06/09 10:42 p.m.8 views

The Dangerous Truth About the ‘Nonlethal’ Weapons Used Against LA Protesters

While they can cause serious injuries, “nonlethal” weapons are regularly used in the United States to disperse public demonstrations, including at the recent ICE protests in Los Angeles...

7.2AI score
Exploits0
CVE
CVE
added 2025/06/08 9:2 p.m.56 views

CVE-2025-3460

The CVE-2025-3460 issue affects Quantenna Wi‑Fi chipsets via the SDK up to version 8.0.0.28. A local command-injection vulnerability exists in the local control scripts (set_tx_pow; router_command.sh in the sync_time/get_syslog_from_qtn arguments), classified as CWE-88 (Argument Injection). CVSS ...

7.8CVSS7.9AI score0.0097EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 10:35 a.m.13 views

CVE-2024-8738

The Seriously Simple Stats plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.6.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts i...

6.1CVSS6.4AI score0.00444EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:20 a.m.10 views

CVE-2024-33650

Cross-Site Request Forgery CSRF vulnerability in Cryout Creations Serious Slider.This issue affects Serious Slider: from n/a through 1.2.4...

4.3CVSS5.1AI score0.00214EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:13 a.m.10 views

CVE-2024-35762

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Cryout Creations Serious Slider allows Stored XSS.This issue affects Serious Slider: from n/a through 1.2.4...

6.5CVSS6.8AI score0.00276EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 6:28 a.m.8 views

CVE-2024-11108

The Serious Slider WordPress plugin before 1.2.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.3AI score0.00321EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2025/05/14 12:0 a.m.156 views

Microsoft Windows Multiple Vulnerabilities (KB5058392)

This host is missing an important security update according to Microsoft KB5058392 SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

8.8CVSS9.8AI score0.21228EPSS
Exploits10References3
Patchstack
Patchstack
added 2024/12/20 7:58 p.m.5 views

WordPress Serious Slider plugin < 1.2.7 - Contributor+ Stored XSS via Shortcode vulnerability

Contributor+ Stored XSS via Shortcode vulnerability discovered by Bob Matyas in WordPress Plugin Serious Slider versions 1.2.7...

5.4CVSS6AI score0.00321EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2024/12/20 6:15 a.m.4 views

CVE-2024-11108

The Serious Slider WordPress plugin before 1.2.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.8AI score0.00321EPSS
Exploits1References1
NVD
NVD
added 2024/12/20 6:15 a.m.20 views

CVE-2024-11108

The Serious Slider WordPress plugin before 1.2.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS0.00321EPSS
Exploits1References1
Rows per page
Query Builder