Malicious code in sing-fest-es-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 568dedb347f57208c9d7934b8818262beac7eba759430a41f2d3a12d23e12399 The package sing-fest-es-logger was found to contain malicious code...

MAL-2025-191587 Malicious code in sing-fest-es-logger (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 568dedb347f57208c9d7934b8818262beac7eba759430a41f2d3a12d23e12399 The package sing-fest-es-logger was found to contain malicious code...

CVE-2025-11317

A vulnerability was identified in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. This affects the function findRolePage of the file findSingConfigPage.do. The manipulation of the argument sort leads to sql injection. The attack is possible to be carried out remotely. The explo...

CVE-2025-11314 Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 findSingConfigPage.do findRolePage sql injection

A vulnerability has been found in Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 1.0. Affected is the function findRolePage of the file findSingConfigPage.do. Such manipulation of the argument sort leads to sql injection. The attack may be launched remotely. The exploit has been...

EUVD-2023-2582

Malicious code in bioql PyPI...

Malicious code in sing-wore-glass (npm)

The package sing-wore-glass was found to contain malicious code...

MAL-2025-46060 Malicious code in sing-wore-glass (npm)

The package sing-wore-glass was found to contain malicious code...

GO-2023-2077 Authentication bypass in github.com/sagernet/sing

Authentication bypass in github.com/sagernet/sing...

sing-box vulnerable to improper authentication in the SOCKS inbound

Impact This vulnerability allows specially crafted requests to bypass authentication, affecting all SOCKS inbounds with user authentication. Patches Update to sing-box 1.4.5 or 1.5.0-rc.5 and later versions. Workarounds Don't expose the SOCKS5 inbound to insecure environments...

GHSA-R5HM-MP3J-285G sing-box vulnerable to improper authentication in the SOCKS inbound

Impact This vulnerability allows specially crafted requests to bypass authentication, affecting all SOCKS inbounds with user authentication. Patches Update to sing-box 1.4.5 or 1.5.0-rc.5 and later versions. Workarounds Don't expose the SOCKS5 inbound to insecure environments...

CVE-2023-43644

Sing-box is an open source proxy system. Affected versions are subject to an authentication bypass when specially crafted requests are sent to sing-box. This affects all SOCKS5 inbounds with user authentication and an attacker may be able to bypass authentication. Users are advised to update to...

Authentication flaw

Sing-box is an open source proxy system. Affected versions are subject to an authentication bypass when specially crafted requests are sent to sing-box. This affects all SOCKS5 inbounds with user authentication and an attacker may be able to bypass authentication. Users are advised to update to...

CVE-2023-43644

CVE-2023-43644 affects sing-box and enables an authentication bypass for all SOCKS5 inbounds with user authentication via specially crafted requests. The impact is an authentication bypass with potential high-severity consequences. Affected versions require updating to sing-box 1.4.4 or 1.5.0-rc....

CVE-2023-43644 Improper authentication in the SOCKS5 inbound in sing-box

Sing-box is an open source proxy system. Affected versions are subject to an authentication bypass when specially crafted requests are sent to sing-box. This affects all SOCKS5 inbounds with user authentication and an attacker may be able to bypass authentication. Users are advised to update to...

CVE-2023-43644 Improper authentication in the SOCKS5 inbound in sing-box

Sing-box is an open source proxy system. Affected versions are subject to an authentication bypass when specially crafted requests are sent to sing-box. This affects all SOCKS5 inbounds with user authentication and an attacker may be able to bypass authentication. Users are advised to update to...

CVE-2023-43644 Improper authentication in the SOCKS5 inbound in sing-box

Sing-box is an open source proxy system. Affected versions are subject to an authentication bypass when specially crafted requests are sent to sing-box. This affects all SOCKS5 inbounds with user authentication and an attacker may be able to bypass authentication. Users are advised to update to...

PT-2023-28895 · Sing-Box · Sing-Box

Name of the Vulnerable Software and Affected Versions: Sing-box versions prior to 1.4.4 Sing-box versions prior to 1.5.0-rc.4 Description: The issue affects all SOCKS5 inbounds with user authentication in Sing-box, allowing an attacker to bypass authentication when specially crafted requests are...

Sing-box Access Control Error Vulnerability

sing-box is a universal proxy platform open-sourced by Project S. An access control error vulnerability exists in Sing-box versions prior to 1.5.0-rc.5, which stems from a vulnerability that allows an attacker to bypass authentication...

sing-magic.com Cross Site Scripting vulnerability OBB-3656646

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

SUSE CVE-2010-2883

Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service application crash via a PDF document with a long field in a Smart INdependent...