Lucene search
K

4 matches found

OSV
OSV
added 2026/06/12 3:24 p.m.27 views

MAL-2026-5697 Malicious code in web-model-bridge (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d2c385c177531c421e5a49f41d931890a48c16c921b23cc20f2bf4cd8fae893 On npm install, postinstall.js sends an HTTPS POST to https://ddactic-lab.online/sc/beacon carrying the package name/version, Node version, OS,...

5.5AI score
Exploits0References2
OSV
OSV
added 2026/05/20 6:33 p.m.8 views

MAL-2026-4507 Malicious code in cb-wallet-http (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8d704c0a6a48da0e2fef8eddcd1f98e7d380c3e19f22753f3df51d9893f60ce Package name mimics Coinbase's internal cb-wallet- namespace to capture dependency-confusion resolutions. On npm install postinstall.js and on...

5.8AI score
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/03/25 8:10 p.m.6 views

Mozilla: Leaking of encrypted email subjects to other conversations

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as follows: The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the...

7.5CVSS7.3AI score0.00682EPSS
Exploits1References5
Hacker One
Hacker One
added 2020/10/03 9:30 p.m.32 views

Shopify: your-store.myshopify.com preview link is leak on third party website lead to preview all action from store owner Without store Password.

Hi Security Team, Description It has been identified that the application is leaking Link to third party sites. In this case it was found that the Linkis being leaked to third party sites which is a issue knowing the fact that it can allow any malicious users to use the Link to catch/preview all...

6.9AI score
Exploits0
Rows per page
Query Builder