240 matches found
EUVD-2014-4592
Malware in sbrugna...
EUVD-2015-6767
Malware in sbrugna...
EUVD-2023-45152
Malicious code in bioql PyPI...
EUVD-2023-43602
Malicious code in bioql PyPI...
EUVD-2022-46559
Malicious code in bioql PyPI...
EUVD-2024-51916
Malicious code in bioql PyPI...
EUVD-2025-8427
Malicious code in bioql PyPI...
EUVD-2022-46561
Malicious code in bioql PyPI...
Malicious code in solana-spl-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis abc65f4de1b50248d903c79cb67ac016c8da464314e5830c70dbe0a1140503a9 The OpenSSF Package Analysis project identified 'solana-spl-sdk' @ 0.1.1 npm as malicious. It is considered malicious because: - The package...
Malicious code in spl-transpiler (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6593 Malicious code in spl-transpiler (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in spl-token-v2 (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e11bf75d7bf296658cc93ae700f5656d24c455151b1cb8db46389ec375fbc286 Any computer that has this package installed or running should be considered...
MAL-2025-6127 Malicious code in spl-token-v2 (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e11bf75d7bf296658cc93ae700f5656d24c455151b1cb8db46389ec375fbc286 Any computer that has this package installed or running should be considered...
CLSA-2025-1752087242 Update of ca-certificates
update to CKBI 2.74 from NSS 3.110 - updated certificates: - Certificate "Entrust.net Premium 2048 Secure Server CA" - Certificate "Entrust Root Certification Authority" - Certificate "AffirmTrust Commercial" - Certificate "AffirmTrust Networking" - Certificate "AffirmTrust Premium" - Certificate...
CVE-2023-39902
A software vulnerability has been identified in the U-Boot Secondary Program Loader SPL before 2023.07 on select NXP i.MX 8M family processors. Under certain conditions, a crafted Flattened Image Tree FIT format structure can be used to overwrite SPL memory, allowing unauthenticated software to...
CVE-2010-2504
Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allows remote authenticated users to obtain sensitive information via HTTP header injection, aka SPL-31066...
CVE-2017-12572
Persistent Cross Site Scripting XSS exists in Splunk Enterprise 6.5.x before 6.5.2, 6.4.x before 6.4.6, and 6.3.x before 6.3.9 and Splunk Light before 6.5.2, with exploitation requiring administrative access, aka SPL-134104...
MAL-2025-3856 Malicious code in spl-tokens (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 86e0efcb779c43be336174a24f04614ab82be9f92a235feaf6e344d814bb2789 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in spl-tokens (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 86e0efcb779c43be336174a24f04614ab82be9f92a235feaf6e344d814bb2789 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-20226 Risky command safeguards bypass in “/services/streams/search“ endpoint through “q“ parameter in Splunk Enterprise
In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.3.2408.107, 9.2.2406.111, and 9.1.2308.214, a low-privileged user that does not hold the "admin" or "power" Splunk roles could run a saved search with a risky command using the permission...