
22 matches found

OSSF Malicious Packages
added 2026/05/29 10:9 p.m. · 13 views

Malicious code in customerdigital-service-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d58926a994bd05ac4db3c984f96186b2d52da1235a3f56f34843c01dd2246408 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8 AI score
Exploits 0 · References 1

ATTACKERKB
added 2026/05/01 12:0 a.m. · 0 views

CVE-2026-42485

AGL agl-service-can-low-level contains a stack buffer overflow in the uds-c library. The senddiagnosticrequest function in uds.c allocates a 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 but copies up to 7 bytes MAXUDSREQUESTPAYLOADLENGTH=7 via memcpy at an offset of 1+pidlength 2-3 bytes,...

7.5 CVSS · 6 AI score · 0.00057 EPSS
Exploits 0 · References 3

NVD
added 2026/03/27 5:16 p.m. · 3 views

CVE-2026-4962

A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the component Service. The manipulation results in uncontrolled search path. The attack needs to be approached locally. This attack is characterized by...

7.3 CVSS · 0.00008 EPSS
Exploits 1 · References 4

ATTACKERKB
added 2026/03/27 5:5 p.m. · 2 views

CVE-2026-4962

A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the component Service. The manipulation results in uncontrolled search path. The attack needs to be approached locally. This attack is characterized by...

7.3 CVSS · 6.4 AI score · 0.00008 EPSS
Exploits 1 · References 4

CVE
added 2026/03/27 5:5 p.m. · 12 views

CVE-2026-4962

CVE-2026-4962 affects UltraVNC up to 1.6.4.0, specifically the library component Service.dll within version.dll, where an attacker can manipulate an uncontrolled search path. The issue enables a local attack with high complexity and is reportedly difficult to exploit, and an exploit has been rele...

7.3 CVSS · 6.4 AI score · 0.00008 EPSS
Exploits 1 · References 4 · Affected Software 1

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2007-4868

Malware in sbrugna...

4.3 CVSS · 9.2 AI score · 0.01789 EPSS
Exploits 1 · References 24

CNNVD
added 2025/07/29 12:0 a.m. · 2 views

BentoML Code Issue Vulnerability

BentoML is an open source modeling service library from BentoML Open Source. It is used to build high-performance and scalable artificial intelligence applications using Python. A code issue vulnerability exists in BentoML versions 1.4.0 through 1.4.19 that stems from the file upload processing...

9.9 CVSS · 6.7 AI score · 0.01308 EPSS
Exploits 1 · References 3

CNNVD
added 2025/03/20 12:0 a.m. · 2 views

ID Withdrawn

BentoML is an open source modeling service library from BentoML Open Source. For building high-performance and scalable AI applications using Python. This CVE number has been withdrawn...

7.6 AI score
Exploits 0 · References 1

CNNVD
added 2025/03/20 12:0 a.m. · 2 views

ID Withdrawn

BentoML is an open source modeling service library from BentoML Open Source. For building high-performance and scalable AI applications using Python. This CVE number has been withdrawn...

5.6 AI score
Exploits 0 · References 1

OSV
added 2024/12/12 2:4 a.m. · 1 views

CVE-2024-49101

Wireless Wide Area Network Service WwanSvc Elevation of Privilege Vulnerability...

6.6 CVSS · 5.8 AI score · 0.00327 EPSS
Exploits 0 · References 1

OSV
added 2024/03/12 9:15 a.m. · 0 views

CVE-2024-25999

An unauthenticated local attacker can perform a privilege escalation due to improper input validation in the OCPP agent service...

7.8 CVSS · 5.8 AI score · 0.00042 EPSS
Exploits 0 · References 1

OSV
added 2023/11/01 10:15 a.m. · 1 views

CVE-2023-42654

In dm service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed...

5.5 CVSS · 5.9 AI score · 0.00027 EPSS
Exploits 0 · References 1

OSV
added 2023/09/12 5:15 p.m. · 1 views

CVE-2023-38162

DHCP Server Service Denial of Service Vulnerability...

7.5 CVSS · 7.3 AI score · 0.0689 EPSS
Exploits 0 · References 1

OSV
added 2023/04/11 12:15 p.m. · 2 views

CVE-2022-47467

In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service...

5.5 CVSS · 5.8 AI score · 0.00013 EPSS
Exploits 0 · References 1

OSV
added 2023/04/11 12:15 p.m. · 1 views

CVE-2022-47468

In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service...

5.5 CVSS · 5.8 AI score · 0.00013 EPSS
Exploits 0 · References 1

OSV
added 2023/02/12 4:15 a.m. · 1 views

CVE-2022-47360

In log service, there is a missing permission check. This could lead to local denial of service in log service...

5.5 CVSS · 5.8 AI score
Exploits 0 · References 1

Veracode
added 2022/12/11 5:36 a.m. · 37 views

Denial Of Service (DoS)

chromium is vulnerable to denial of service. The vulnerability exists due to the heap buffer overflow in GPU in the library, allowing an attacker to perform a sandbox escape via a crafted HTML page, leading to an application crash...

9.6 CVSS · 8.8 AI score · 0.00079 EPSS
Exploits 1 · References 4 · Affected Software 1

vulnersOsv
added 2022/10/06 6:52 p.m. · 3 views

app.cash.backfila:client-misk (>=0.1.0 <=0.1.3-20200811-2e41939), app.cash.backfila:client-misk-dynamodb (>=0.1.3-20210127.1838-76ab4fc <=0.1.4-20210806.0204-5341f38) +1757 more potentially affected by CVE-2022-41853 via org.hsqldb:hsqldb (>=1.8.0.10 <=2.7.0)

org.hsqldb:hsqldb MAVEN version =1.8.0.10, =0.1.0, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210805.0116-93702c4, =0.1.0, =2023.06.07.114626-93b9d6f, =0.1.0, =0.1.4-20220614.0152-5ae0eef, =0.2, =0.2, =0.3, =0.3, =0.3, =0.6 - at.researchstudio.sat:won-owner =0.3 -...

9.8 CVSS · 6.8 AI score · 0.70144 EPSS
Exploits 1

Positive Technologies
added 2022/09/07 12:0 a.m. · 3 views

PT-2022-23863 · Unknown +1 · Ddmal Mei2Volpiano +1

Name of the Vulnerable Software and Affected Versions: DDMAL MEI2Volpiano version 0.8.2 Description: The issue is related to an XML External Entity XXE vulnerability, which can lead to a Denial of Service. This occurs due to the usage of the unsafe 'xml.etree' library to parse untrusted XML input...

7.5 CVSS · 7.4 AI score · 0.00429 EPSS
Exploits 0 · References 9

Rapid7 Blog
added 2022/06/17 5:35 p.m. · 19 views

Metasploit Weekly Wrap-Up

vCenter Secret Extracter Expanding on the work of the vcenterforgesamltoken auxiliary module, community contributor npm-cesium137-io has added a new module for extracting the vmdir/vmafd certificates, the IdP keypair, the VMCA root cert, and anything from vmafd that has a private key associated,...

0.1 AI score
Exploits 0