MAL-2026-5466 Malicious code in getd-eslint-rules (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17328047b2ec8dce82cfbdfd5b16c8f862d51dca26b02c9801587c220a48975a On npm install, postinstall.js collects host identifiers os.hostname, os.userInfo username, os.platform, current working directory, CI environment...

Malicious code in dds-js-idl-types (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 68e8941c301603919022f1d67d311d576d5d5efcac7ed7cb0d3526cb71e829d6 On npm install, the package's postinstall.js runs whoami and reads os.hostname, os.platform, the current working directory, and CI-related environmen...

CVE-2021-33008

AVEVA System Platform versions 2017 through 2020 R2 P01 does not perform any authentication for functionality that requires a provable user identity...

CVE-2021-33010

An exception is thrown from a function in AVEVA System Platform versions 2017 through 2020 R2 P01, but it is not caught, which may cause a denial-of-service condition...

EUVD-2012-0293

Malware in sbrugna...

EUVD-2021-19698

Malware in sbrugna...

EUVD-2021-19729

Malware in sbrugna...

EUVD-2021-19706

Malware in sbrugna...

EUVD-2021-19731

Malware in sbrugna...

EUVD-2021-19702

Malware in sbrugna...

EUVD-2015-3971

Malware in sbrugna...

CVE-2021-32985

AVEVA System Platform versions 2017 through 2020 R2 P01 does not properly verify that the source of data or communication is valid...

CVE-2021-32981

AVEVA System Platform versions 2017 through 2020 R2 P01 uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that ca...

CVE-2022-0835

AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to an attacker or a low-privileged user...

CVE-2022-0835

AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to an attacker or a low-privileged user...

Information disclosure

AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to an attacker or a low-privileged user...

CVE-2022-0835 AVEVA System Platform Cleartext Storage of Sensitive Information in Memory

AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to an attacker or a low-privileged user...

CVE-2022-0835 AVEVA System Platform Cleartext Storage of Sensitive Information in Memory

AVEVA System Platform 2020 stores sensitive information in cleartext, which may allow access to an attacker or a low-privileged user...

CVE-2022-0835

AVEVA System Platform 2020 is affected by CVE-2022-0835, which involves cleartext storage of sensitive information in memory. The vulnerability affects AVEVA System Platform 2020, 2020 R2 P01, and 2020 R2S; the underlying issue is that sensitive data (e.g., plaintext credentials) can be stored in...

IBM System Storage DS8000 Hardware Management Console 安全漏洞

IBM System Storage DS8000 Hardware Management Console is a hardware management console for the DS8000, an IBM storage media platform from IBM, U.S.A. The IBM System Storage DS8000 Hardware Management Console An information disclosure vulnerability exists, which stems from a network system or...