Lucene search
K

8 matches found

HackRead
HackRead
added 2025/12/11 5:12 p.m.8 views

Malicious Visual Studio Code Extensions Hide Trojan in Fake PNG Files

VS Code developers beware: ReversingLabs found 19 malicious extensions hiding trojans inside a popular dependency, disguising the final malware payload as a standard PNG image file...

7.1AI score
Exploits0
OSV
OSV
added 2025/06/12 5:49 p.m.1 views

MAL-2025-5016 Malicious code in 0vulns-dependency-confusion-poc (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d282025fb2ec1b4012e3b979cec1f66520e643fcadfd2864e54989de50dd00d The package.json preinstall script runs wget against an attacker-controlle...

5.8AI score
Exploits0References1
OSV
OSV
added 2025/03/24 5:1 p.m.15 views

OPENSUSE-SU-2025:0103-1 Security update for cadvisor

This update for cadvisor fixes the following issues: - update to 0.52.1: Make resctrl optional/pluggable - update to 0.52.0: bump containerd related deps: api v1.8.0; errdefs v1.0.0; ttrpc v1.2.6 chore: Update Prometheus libraries bump runc to v1.2.4 Add Pressure Stall Information Metrics Switch ...

7.5CVSS7.2AI score0.02607EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2024/10/26 9:30 p.m.7 views

1game-texas-holdem (>=1.2.0 <=1.11.1), @1studio/ui (>=1.0.0-beta.1 <=3.9.0) +995 more potentially affected by CVE-2020-26308 via validate.js (>=0.10.0 <=0.13.1)

validate.js NPM version =0.10.0, =1.2.0, =1.0.0-beta.1, =5.0.1, =0.1.0, =1.0.6, =3.3.20, =2.0.0-alpha.1, =0.3.9, =1.3.0, =1.2.1, =0.3.12, =1.3.12, =0.1.1, =0.1.26 and more Source cves: CVE-2020-26308 Source advisory: OSV:GHSA-RV73-9C8W-JP4C...

8.7CVSS5.4AI score0.00493EPSS
Exploits1
OSV
OSV
added 2021/04/14 2:51 p.m.9 views

OPENSUSE-SU-2021:0552-1 Security update for python-bleach

This update for python-bleach fixes the following issues: - CVE-2021-23980: Fixed mutation XSS on bleach.clean with specific combinations of allowed tags boo1184547 Update to 3.1.5: replace missing setuptools dependency with packaging. Thank you Benjamin Peterson. Update to 3.1.4 boo1168280,...

7.5CVSS6.8AI score0.01301EPSS
Exploits3References7
OSV
OSV
added 2020/10/06 3:39 p.m.3 views

SUSE-SU-2020:2872-1 Security update for hexchat

This update for hexchat fixes the following issues: - CVE-2016-2087: A directory traversal was possible if a user could be convinced to connect to a server with a hostname with '..' in its name. bsc1020739. This non-security issue was fixed: - Add dependency on iso-codes and hwdata as hexchat tri...

7.4CVSS7.3AI score0.09524EPSS
Exploits5References4
OSV
OSV
added 2019/02/18 11:38 p.m.21 views

GHSA-6354-6MHV-MVV5 Regular Expression Denial of Service in jadedown

The jadedown package is affected by a regular expression denial of service vulnerability when certain types of user input are passed in. Proof of concept js var jadedown = require'jadedown'; var genstr = function len, chr var result = ""; for i=0; i=len; i++ result = result + chr; return result;...

7.5CVSS7.4AI score0.01151EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2010/05/28 12:0 a.m.46 views

Java for Mac OS X 10.5 Update 7

The remote host is missing Java for Mac OS X 10.5 Update 7. SPDX-FileCopyrightText: 2010 LSS Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

10CVSS7.5AI score0.96319EPSS
Exploits51References3
Rows per page
Query Builder