54 matches found
MAL-2025-77 Malicious code in build-stuff (npm)
This package runs commands in a pre-install script that exfiltrates sensitive data to an attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8b7ff7f3b5a1ee73432fc3f1ace509ffe1fcb48099ecca9aa87e0396fab2a7f8 Any computer that has this package install...
CVE-2024-46760 wifi: rtw88: usb: schedule rx work after everything is set up
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: usb: schedule rx work after everything is set up. Right now it's possible to hit NULL pointer dereference in rtw_rx_fill_rx_status on hw object and/or its fields because initialization routine can start getting USB replie...
Malicious code in bankrate-stuff (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 857d78d4a0691e2714e3c43f0001af9777c66644e48d145cc3ef19976a4feb07 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-7936 Malicious code in bankrate-stuff (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 857d78d4a0691e2714e3c43f0001af9777c66644e48d145cc3ef19976a4feb07 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Bazaar Social Listing Shopping Web PHP Template 2.3.2 Privilege Escalation
Title: Bazaar | Social Listing Shopping Web PHP Template v2.3.2 Privilege Escalation Vulnerability; Author: indoushka; Tested on: windows 10 Français V.P...
Malicious Package
Overview lego-stuff is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...
Malicious code in lego-stuff (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3f68048b64d2f636d41c97edba1631e654e4141f21d4b318622cc529eb5197ea Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-565 Malicious code in lego-stuff (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3f68048b64d2f636d41c97edba1631e654e4141f21d4b318622cc529eb5197ea Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in bfx-stuff-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 664981f09a41326d6bdaec693a2d3f7846f69a5569859384bdbf9a56dcdc203c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1550 Malicious code in bfx-stuff-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 664981f09a41326d6bdaec693a2d3f7846f69a5569859384bdbf9a56dcdc203c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in netlify-testing-stuff (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b05784f3a001a6314d0d92d3b64ec3069cde31dfa69774fd4271244ff5b619a8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
textilesandstuff.co.uk Cross Site Scripting vulnerability OBB-1369846
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
textilesandstuff.co.uk Cross Site Scripting vulnerability OBB-1359194
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
Shopify: Disclose STUFF member name and make actions.
Hello Shopify Security Team! Bug Summary: ============= Based on the report 968165, this also can retrieve the STUFF member name and can send messages using his name. Reproduction steps: ============= - install shopify chat applications. Start Exploit 1 : ============= + Go to targeted store : +...
CVE-2019-6753
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.3.0.10826. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
Integer overflow
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.3.0.10826. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
PT-2019-18313 · Foxit · Foxit Reader
Name of the Vulnerable Software and Affected Versions: Foxit Reader version 9.3.0.10826 Description: This issue allows remote attackers to disclose sensitive information on vulnerable installations. User interaction is required, where the target must visit a malicious page or open a malicious fil...
GNU Binutils Denial of Service Vulnerability (CNVD-2018-12117)
GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for target files and archives. GNU libiberty is one of the GNU program...
Debian DLA-1191-1 : python-werkzeug security update
A security issue that allows XSS on the Werkzeug debugger allows remote attackers to inject arbitrary stuff via a field that contains an exception message. For Debian 7 'Wheezy', these problems have been fixed in version 0.8.3+dfsg-1+deb7u1. We recommend that you upgrade your python-werkzeug...
pdfstuff4u.com XSS vulnerability
Vulnerable URL: http://pdfstuff4u.com/search.php?q=...