MAL-2025-49247 Malicious code in siren-lament (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f9146581b28381099b9aea208feeb40077658b468ce7897143988b86a5ec23b The package siren-lament was found to contain malicious code. Source: ossf-package-analysis...

Malicious code in siren-lament (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f9146581b28381099b9aea208feeb40077658b468ce7897143988b86a5ec23b The package siren-lament was found to contain malicious code. Source: ossf-package-analysis...

EUVD-2021-23371

Malware in sbrugna...

EUVD-2021-15589

Malware in sbrugna...

EUVD-2022-50305

Malicious code in bioql PyPI...

EUVD-2023-39850

Malicious code in bioql PyPI...

EUVD-2022-50304

Malicious code in bioql PyPI...

CVE-2022-47543

An issue was discovered in Siren Investigate before 12.1.7. There is an ACL bypass on global objects...

CVE-2022-47544

An issue was discovered in Siren Investigate before 12.1.7. Script variable whitelisting is insufficiently sandboxed...

CVE-2021-28938

Siren Federate before 6.8.14-10.3.9, 6.9.x through 7.6.x before 7.6.2-20.2, 7.7.x through 7.9.x before 7.9.3-21.6, 7.10.x before 7.10.2-22.2, and 7.11.x before 7.11.2-23.0 can leak user information across thread contexts. This occurs in opportunistic circumstances when there is concurrent query...

CVE-2021-36794

In Siren Investigate before 11.1.4, when enabling the cluster feature of the Siren Alert application, TLS verifications are disabled globally in the Siren Investigate main process...

CVE-2023-35857

In Siren Investigate before 13.2.2, session keys remain active even after logging out...

CVE-2023-35857

In Siren Investigate before 13.2.2, session keys remain active even after logging out...

CVE-2023-35857

In Siren Investigate before 13.2.2, session keys remain active even after logging out...

Code injection

In Siren Investigate before 13.2.2, session keys remain active even after logging out...

PT-2023-25348 · Unknown · Siren Investigate

Name of the Vulnerable Software and Affected Versions: Siren Investigate versions prior to 13.2.2 Description: The issue concerns session keys remaining active even after a user logs out. This could potentially allow unauthorized access to user sessions. Recommendations: For versions prior to...

Siren Investigate 代码问题漏洞

Siren Investigate is a front-end to the Siren platform from Siren Ireland, allowing the creation of dashboards, charts, link analysis, alerts and more. A security vulnerability exists in Siren Investigate versions prior to 13.2.2, which stems from a session key remaining active even after logout...

CVE-2023-35857

In Siren Investigate before 13.2.2, session keys remain active even after logging out...

CVE-2023-35857

In Siren Investigate before 13.2.2, session keys remain active even after logging out...

CVE-2023-35857

CVE-2023-35857 affects Siren Investigate prior to 13.2.2. The issue is that session keys remain active after logout, enabling potential unauthorized access to user sessions. The CVSS v3.1 score is 9.8 (CRITICAL) with network attack vector, no privileges required, and no user interaction. Affected...