6 matches found
EUVD-2025-29364
Malicious code in bioql PyPI...
CVE-2025-53494
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation Mediawiki - TwoColConflict Extension allows Stored XSS. This issue affects Mediawiki - TwoColConflict Extension: from 1.39.X before 1.39.13, from 1.42.X before 1.42.7, fr...
SurrealDB has local file read of 2-column TSV files via analyzers
An authenticated system user at the root, namespace, or database levels can use the DEFINE ANALYZER statement to point to arbitrary file locations on the file system, and should the file be tab separated with two columns, the analyzer can be leveraged to exfiltrate the content. This issue was...
GHSA-2CVJ-G5R5-JRRG SurrealDB has local file read of 2-column TSV files via analyzers
An authenticated system user at the root, namespace, or database levels can use the DEFINE ANALYZER statement to point to arbitrary file locations on the file system, and should the file be tab separated with two columns, the analyzer can be leveraged to exfiltrate the content. This issue was...
Malicious code in two-column-image-text-grid (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 816a60cffab8a3e09e7bdd3135a8d8fdb6bca092a94ec723a64d7aecd057d471 The OpenSSF Package Analysis project identified 'two-column-image-text-grid' @ 69.69.69 npm as malicious. It is considered malicious because: -...
MAL-2024-7695 Malicious code in two-column-image-text-grid (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 816a60cffab8a3e09e7bdd3135a8d8fdb6bca092a94ec723a64d7aecd057d471 The OpenSSF Package Analysis project identified 'two-column-image-text-grid' @ 69.69.69 npm as malicious. It is considered malicious because: -...