394 matches found
Malicious Package
Overview @sev-ui-verse/feature-flag is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
DEBIAN-CVE-2025-39822
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: fix signedness in thislen calculation When importing and using buffers, buf-len is considered unsigned. However, buf-len is converted to signed int when committing. This can lead to unexpected behavior if the buffer...
CVE-2025-58880
CVE-2025-58880 affects the WordPress plugin Translate This gTranslate Shortcode (versions up to 1.0). The vulnerability is an Stored Cross-Site Scripting (XSS) arising from improper input neutralization during web page generation. The CVE entry notes a MODERATE risk (CVSS v3.1 base score 6.5) wit...
CVE-2025-58880 WordPress Translate This gTranslate Shortcode Plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in reubenthiessen Translate This gTranslate Shortcode translate-this-google-translate-web-element-shortcode allows Stored XSS.This issue affects Translate This gTranslate Shortcode: from n/a through =...
CVE-2025-58880 WordPress Translate This gTranslate Shortcode Plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in reubenthiessen Translate This gTranslate Shortcode translate-this-google-translate-web-element-shortcode allows Stored XSS.This issue affects Translate This gTranslate Shortcode: from n/a through =...
WordPress Translate This gTranslate Shortcode Plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Mika in WordPress Plugin Translate This gTranslate Shortcode versions = 1.0...
WordPress plugin Translate This gTranslate Shortcode Cross Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
netfilter: flowtable_offload: fix using __this_cpu_add in preemptible
...
Malicious code in this-is-vvvv (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-41779 Malicious code in this-is-vvvv (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Linux Distros Unpatched Vulnerability : CVE-2017-6819
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In WordPress before 4.7.3, there is cross-site request forgery CSRF in Press This wp- admin/includes/class-wp-press-this.php, leading to excessive use of server...
Linux Distros Unpatched Vulnerability : CVE-2017-5610
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wp-admin/includes/class-wp-press-this.php in Press This in WordPress before 4.7.2 does not properly restrict visibility of a taxonomy-assignment user interface,...
MAL-2025-41333 Malicious code in this-should-be-ignored (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b64896576ac7254afb7e1202835ec4f39b5b64af2cb380a7bf3b172deba75497 The OpenSSF Package Analysis project identified...
CVE-2025-38565
In the Linux kernel, the following vulnerability has been resolved: perf/core: Exit early on perfmmap fail When perfmmap fails to allocate a buffer, it still invokes the eventmapped callback of the related event. On X86 this might increase the perfrdpmcallowed reference counter. But nothing undoe...
CVE-2025-8719
The Translate This gTranslate Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘baselang’ parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-8719 Translate This - Google Translate Web Element Shortcode <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via base_lang Parameter
The Translate This gTranslate Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘baselang’ parameter in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2025-8719
CVE-2025-8719 documents a Stored Cross-Site Scripting vulnerability in Translate This gTranslate Shortcode for WordPress, affecting all versions up to 1.0. The issue is triggered via the base_lang parameter and requires authentication at Contributor level or higher to inject scripts that execute ...
WordPress plugin Translate This gTranslate Shortcode Cross Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
Malicious code in this-trade-value (npm)
The package this-trade-value was found to contain malicious code...
Malicious code in a-vailable-al-bum-file-192011-from-this-place-nx95v-minwrk (npm)
The package a-vailable-al-bum-file-192011-from-this-place-nx95v-minwrk was found to contain malicious code...