212 matches found
CVE-2026-40455
An SQL Injection vulnerability exists in LMS LAN Management System before commit 4cb30a7 within the "tarifflist.php" module due to insufficient sanitization of the POST "tg" parameter. The application directly concatenates user-supplied array values into an SQL query using "implode", allowing...
CVE-2026-40455
Affected software: LMS (LAN Management System). Vulnerability: SQL Injection in the tarifflist.php module caused by insufficient sanitization of the POST tg[] parameter; the code concatenates user-supplied array values into an SQL query using implode(). Impact / access: authenticated attackers ca...
Malicious code in common-tg-service (npm)
Malicious npm package published by user shetty123 as part of a Telegram account hijacking framework targeting Indian Telegram users. All 502 published versions 1.0.1 through 1.3.207 are malicious. Pairs with ams-ssk, which provides the operator's server-side AMS/CMS infrastructure...
MAL-2026-3288 Malicious code in common-tg-service (npm)
Malicious npm package published by user shetty123 as part of a Telegram account hijacking framework targeting Indian Telegram users. All 502 published versions 1.0.1 through 1.3.207 are malicious. Pairs with ams-ssk, which provides the operator's server-side AMS/CMS infrastructure...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not checking for the existence of pipectx-streamres.tg, which could lead to a null pointer dereference...
CVE-2024-58300
Siklu MultiHaul TG series devices before version 2.0.0 contain an unauthenticated vulnerability that allows remote attackers to retrieve randomly generated credentials via a network request. Attackers can send a specific hex-encoded command to port 12777 to obtain username and password, enabling...
CVE-2024-58300 Siklu MultiHaul TG Series < 2.0.0 Unauthenticated Credential Disclosure Vulnerability
Siklu MultiHaul TG series devices before version 2.0.0 contain an unauthenticated vulnerability that allows remote attackers to retrieve randomly generated credentials via a network request. Attackers can send a specific hex-encoded command to port 12777 to obtain username and password, enabling...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989428)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989428 advisory. In the Linux kernel, the following vulnerability has been resolved: NFC: digital: fix possible memory leak in digitaltglistenmdaa 'params' is allocated in...
EUVD-2025-37259
Malicious code in abeya-tg-api npm...
Malicious code in abeya-tg-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37d3c8662c688eccce2f52334ff40029218abfe48b990a194be49c6e01f5fb57 The package abeya-tg-api was found to contain malicious code. Source: ghsa-malware 01b4d597b84a4aa049cd970002730cf004fb59ff7fb53a7c70196644a0c047e4 A...
Malicious code in custom-tg-bot-plan (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10cef01d344d07be2f72b365cb97f994a5cea38eef145b5b25de21f1784cd740 The package custom-tg-bot-plan was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview custom-tg-bot-plan is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2025-37254
Malicious code in custom-tg-bot-plan npm...
MAL-2025-49248 Malicious code in abeya-tg-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37d3c8662c688eccce2f52334ff40029218abfe48b990a194be49c6e01f5fb57 The package abeya-tg-api was found to contain malicious code. Source: ghsa-malware 01b4d597b84a4aa049cd970002730cf004fb59ff7fb53a7c70196644a0c047e4 A...
Malicious Package
Overview abeya-tg-api is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2025-37253
Malicious code in sabaoa-tg-api npm...
EUVD-2025-37251
Malicious code in sai-tg-api npm...
Malicious Package
Overview sabaoa-tg-api is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview salli-tg-api is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in sabaoa-tg-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 555fda036bf0012711b8105d10f56495dc602cd4bae8463de43ca9cd3c404a1b The package sabaoa-tg-api was found to contain malicious code. Source: ghsa-malware 6876d341cb9d5baf0af61f7e2fba4237ef32a159e156fa127940553d73e1a571...