Lucene search
K

63 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/12 2:32 p.m.10 views

Malicious code in sea-bound-siren (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd5f2d5cc691968b1bb69f12ea7476c618f6432b42976869906df06312b912c0 On npm install, postinstall.js executes a shell pipeline that collects the output of id, os.hostname, the full process environment env | sort, the...

5.4AI score
Exploits0References24
OSV
OSV
added 2026/06/12 2:32 p.m.7 views

MAL-2026-5693 Malicious code in sea-bound-siren (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd5f2d5cc691968b1bb69f12ea7476c618f6432b42976869906df06312b912c0 On npm install, postinstall.js executes a shell pipeline that collects the output of id, os.hostname, the full process environment env | sort, the...

5.5AI score
Exploits0References24
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/29 10:29 p.m.4 views

Malicious code in siren-lament (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f9146581b28381099b9aea208feeb40077658b468ce7897143988b86a5ec23b The package siren-lament was found to contain malicious code. Source: ossf-package-analysis...

7.2AI score
Exploits0
OSV
OSV
added 2025/10/29 10:29 p.m.3 views

MAL-2025-49247 Malicious code in siren-lament (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f9146581b28381099b9aea208feeb40077658b468ce7897143988b86a5ec23b The package siren-lament was found to contain malicious code. Source: ossf-package-analysis...

7.2AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-15589

Malware in sbrugna...

4.3CVSS5AI score0.00826EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-23371

Malware in sbrugna...

9.8CVSS9.4AI score0.01311EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-50304

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00418EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-39850

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.0064EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-50305

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00692EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 12:26 a.m.6 views

CVE-2022-47543

An issue was discovered in Siren Investigate before 12.1.7. There is an ACL bypass on global objects...

5.3CVSS7AI score0.00418EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 12:25 a.m.9 views

CVE-2022-47544

An issue was discovered in Siren Investigate before 12.1.7. Script variable whitelisting is insufficiently sandboxed...

9.8CVSS6.9AI score0.00692EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 8:56 p.m.3 views

CVE-2021-28938

Siren Federate before 6.8.14-10.3.9, 6.9.x through 7.6.x before 7.6.2-20.2, 7.7.x through 7.9.x before 7.9.3-21.6, 7.10.x before 7.10.2-22.2, and 7.11.x before 7.11.2-23.0 can leak user information across thread contexts. This occurs in opportunistic circumstances when there is concurrent query...

4.3CVSS6.1AI score0.00826EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:59 p.m.6 views

CVE-2021-36794

In Siren Investigate before 11.1.4, when enabling the cluster feature of the Siren Alert application, TLS verifications are disabled globally in the Siren Investigate main process...

9.8CVSS6.9AI score0.01311EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/06/19 4:15 a.m.3 views

CVE-2023-35857

In Siren Investigate before 13.2.2, session keys remain active even after logging out...

9.8CVSS5.2AI score0.0064EPSS
Exploits0References3
OSV
OSV
added 2023/06/19 4:15 a.m.4 views

CVE-2023-35857

In Siren Investigate before 13.2.2, session keys remain active even after logging out...

9.8CVSS5.8AI score0.0064EPSS
Exploits0References2
NVD
NVD
added 2023/06/19 4:15 a.m.14 views

CVE-2023-35857

In Siren Investigate before 13.2.2, session keys remain active even after logging out...

9.8CVSS9.5AI score0.0064EPSS
Exploits0References2
Prion
Prion
added 2023/06/19 4:15 a.m.15 views

Code injection

In Siren Investigate before 13.2.2, session keys remain active even after logging out...

7.5CVSS9.4AI score0.0064EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/06/19 12:0 a.m.22 views

CVE-2023-35857

In Siren Investigate before 13.2.2, session keys remain active even after logging out...

9.7AI score0.0064EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/06/19 12:0 a.m.6 views

CVE-2023-35857

In Siren Investigate before 13.2.2, session keys remain active even after logging out...

7AI score0.0064EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/06/19 12:0 a.m.5 views

Siren Investigate 代码问题漏洞

Siren Investigate is a front-end to the Siren platform from Siren Ireland, allowing the creation of dashboards, charts, link analysis, alerts and more. A security vulnerability exists in Siren Investigate versions prior to 13.2.2, which stems from a session key remaining active even after logout...

9.8CVSS8.3AI score0.0064EPSS
Exploits0References3
Rows per page
Query Builder