63 matches found
Malicious code in sea-bound-siren (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd5f2d5cc691968b1bb69f12ea7476c618f6432b42976869906df06312b912c0 On npm install, postinstall.js executes a shell pipeline that collects the output of id, os.hostname, the full process environment env | sort, the...
MAL-2026-5693 Malicious code in sea-bound-siren (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cd5f2d5cc691968b1bb69f12ea7476c618f6432b42976869906df06312b912c0 On npm install, postinstall.js executes a shell pipeline that collects the output of id, os.hostname, the full process environment env | sort, the...
Malicious code in siren-lament (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f9146581b28381099b9aea208feeb40077658b468ce7897143988b86a5ec23b The package siren-lament was found to contain malicious code. Source: ossf-package-analysis...
MAL-2025-49247 Malicious code in siren-lament (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f9146581b28381099b9aea208feeb40077658b468ce7897143988b86a5ec23b The package siren-lament was found to contain malicious code. Source: ossf-package-analysis...
EUVD-2021-15589
Malware in sbrugna...
EUVD-2021-23371
Malware in sbrugna...
EUVD-2022-50304
Malicious code in bioql PyPI...
EUVD-2023-39850
Malicious code in bioql PyPI...
EUVD-2022-50305
Malicious code in bioql PyPI...
CVE-2022-47543
An issue was discovered in Siren Investigate before 12.1.7. There is an ACL bypass on global objects...
CVE-2022-47544
An issue was discovered in Siren Investigate before 12.1.7. Script variable whitelisting is insufficiently sandboxed...
CVE-2021-28938
Siren Federate before 6.8.14-10.3.9, 6.9.x through 7.6.x before 7.6.2-20.2, 7.7.x through 7.9.x before 7.9.3-21.6, 7.10.x before 7.10.2-22.2, and 7.11.x before 7.11.2-23.0 can leak user information across thread contexts. This occurs in opportunistic circumstances when there is concurrent query...
CVE-2021-36794
In Siren Investigate before 11.1.4, when enabling the cluster feature of the Siren Alert application, TLS verifications are disabled globally in the Siren Investigate main process...
CVE-2023-35857
In Siren Investigate before 13.2.2, session keys remain active even after logging out...
CVE-2023-35857
In Siren Investigate before 13.2.2, session keys remain active even after logging out...
CVE-2023-35857
In Siren Investigate before 13.2.2, session keys remain active even after logging out...
Code injection
In Siren Investigate before 13.2.2, session keys remain active even after logging out...
CVE-2023-35857
In Siren Investigate before 13.2.2, session keys remain active even after logging out...
CVE-2023-35857
In Siren Investigate before 13.2.2, session keys remain active even after logging out...
Siren Investigate 代码问题漏洞
Siren Investigate is a front-end to the Siren platform from Siren Ireland, allowing the creation of dashboards, charts, link analysis, alerts and more. A security vulnerability exists in Siren Investigate versions prior to 13.2.2, which stems from a session key remaining active even after logout...