5 matches found
Malicious code in prisma-client-python (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ba0c0f6a1d1bdb5bffb45ca56fb99b8084fba921cc7689b6e8913c0436fe392 The package's CLI flow ppy generate reads dist/index.enc, a 346 KB AES-encrypted blob, decrypts it using a key extracted from dist/key.enc substring...
MAL-2026-4646 Malicious code in prisma-client-python (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ba0c0f6a1d1bdb5bffb45ca56fb99b8084fba921cc7689b6e8913c0436fe392 The package's CLI flow ppy generate reads dist/index.enc, a 346 KB AES-encrypted blob, decrypts it using a key extracted from dist/key.enc substring...
EUVD-2026-17652
AVideo: Unauthenticated File Deletion via PHP Operator Precedence Bug in CLI Guard...
GHSA-WWPW-HRX8-79R5 AVideo: Unauthenticated File Deletion via PHP Operator Precedence Bug in CLI Guard
Summary The AVideo installation script install/deleteSystemdPrivate.php contains a PHP operator precedence bug in its CLI-only access guard. The script is intended to run exclusively from the command line, but the guard condition !phpsapiname === 'cli' never evaluates to true due to how PHP...
Asus Rog Live Service 后置链接漏洞
ASUS Rog Live Service is a Desktop Shareware program from ASUS in China. A security vulnerability exists in ASUS Rog Live Service, which stems from a feature in ROG Live Service that deletes temporary files created by the installation without verifying the path before deletion, which can be...