Malicious Package

Overview trex-proxy-browser-extension-sdk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...

MAL-2026-1971 Malicious code in trex-proxy-browser-extension-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9eb36a59a719cff949c203a03a41c54b637bb1974bdea728b1bc15e837a7db45 The package trex-proxy-browser-extension-sdk was found to contain malicious code. Source: ghsa-malware...

Malicious code in trex-proxy-browser-extension-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9eb36a59a719cff949c203a03a41c54b637bb1974bdea728b1bc15e837a7db45 The package trex-proxy-browser-extension-sdk was found to contain malicious code. Source: ghsa-malware...

EUVD-2016-7074

Malware in sbrugna...

EUVD-2018-14333

Malware in sbrugna...

EUVD-2017-3080

Malware in sbrugna...

EUVD-2016-7080

Malware in sbrugna...

EUVD-2017-16667

Malware in sbrugna...

Fedora: Security Advisory for msv (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: msv-2022.7-4.fc40

The Multi Schema Validation toolkit is a Java based toolkit consisting of 8 different submodules. The core module is the Multi-Schema XML Validator MSV for the validation of XML documents against several kinds of XML schemata The core supports RELAX NG, RELAX Namespace, RELAX Core, TREX, XML DTDs...

CVE-2018-2478

An attacker can use specially crafted inputs to execute commands on the host of a TREX / BWA installation, SAP Basis, versions: 7.0 to 7.02, 7.10 to 7.11, 7.30, 7.31, 7.40 and 7.50 to 7.53. Not all commands are possible, only those that can be executed by the adm user. The commands executed depen...

CVE-2018-2478

An attacker can use specially crafted inputs to execute commands on the host of a TREX / BWA installation, SAP Basis, versions: 7.0 to 7.02, 7.10 to 7.11, 7.30, 7.31, 7.40 and 7.50 to 7.53. Not all commands are possible, only those that can be executed by the adm user. The commands executed depen...

CVE-2018-2478

CVE-2018-2478 affects SAP Basis and related TREX/BWA installations. The vulnerability allows an attacker to use specially crafted inputs to execute commands on the host, with the commands limited to what the adm user can run; the actual commands depend on the privileges of that user. Affected ver...

SAP TREX Code Injection Vulnerability

SAP TREX is a search engine from SAP for the SAP NetWeaver integrated technology platform. A code injection vulnerability exists in SAP TREX version 7.10. The vulnerability can be exploited by a remote attacker to read or write to arbitrary files and execute arbitrary code with the help of the fd...

CVE-2017-11459

SAP TREX 7.10 allows remote attackers to 1 read arbitrary files via an fget command or 2 write to arbitrary files and consequently execute arbitrary code via an fdir command, aka SAP Security Note 2419592...

CVE-2017-11459

SAP TREX 7.10 allows remote attackers to 1 read arbitrary files via an fget command or 2 write to arbitrary files and consequently execute arbitrary code via an fdir command, aka SAP Security Note 2419592...

Command injection

SAP TREX 7.10 allows remote attackers to 1 read arbitrary files via an fget command or 2 write to arbitrary files and consequently execute arbitrary code via an fdir command, aka SAP Security Note 2419592...

CVE-2017-11459

CVE-2017-11459 affects SAP TREX 7.10. The vulnerability allows remote attackers to read arbitrary files via the fget command and to write arbitrary files to potentially execute arbitrary code via the fdir command, per SAP Security Note 2419592. Root cause labeled as Missing Authentication for Cri...

CVE-2017-11459

SAP TREX 7.10 allows remote attackers to 1 read arbitrary files via an fget command or 2 write to arbitrary files and consequently execute arbitrary code via an fdir command, aka SAP Security Note 2419592...

Insecure log configuration in TREX

Application: SAP TREX Versions Affected: SAP TREX 7.1-7.25 Vendor URL: SAP Bug: Information disclosure Reported: 16.05.2017 Vendor response: 17.05.2017 Date of Public Advisory: 12.09.2017 Reference: SAP Security Note 2489196 Author: Nursultan Abubakirov ERPScan VULNERABILITY INFORMATION Class:...