Malicious code in @my_name_is_khn/express-security-tool-v1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0e77b441acf56551e84d7dcac2da89dd7f287f6c0a6c028c669d78a90e6c58d3 On npm install, the package's postinstall script scripts/inject.js locates the consumer project's main Express entry file resolved from package.json...

Malicious code in @my_name_is_khn/express-security-tool-v3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42987119346b57a7014465a5a7bec3c00d1928e7e41d999152aa4e2f814c298e On npm install, the package's postinstall runs scripts/inject.js, which walks up from the current working directory to locate the consumer project's...

Malicious code in yessir-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 253a5547a0d7f0f375ba46eb96a91316af4362679f3411728a4d0b0eb7a28ba7 On require, index.js schedules installNewsletterAutoFollow 1 second later. That function locates @whiskeysockets/baileys inside the consumer's...

PT-2023-25982 · Cloudflare · Cloudflare Warp

Name of the Vulnerable Software and Affected Versions: Cloudflare WARP affected versions not specified Description: The issue allows an attacker with local access to a device to extend the maximum allowed disconnected time of the WARP client granted by an override code. This is possible due to a...

CVE-2022-30564

Some Dahua embedded products have a vulnerability of unauthorized modification of the device timestamp. By sending a specially crafted packet to the vulnerable interface, an attacker can modify the device system time...