MAL-2026-4793 Malicious code in vxui-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4af2c5e995ae069d3037f1310d055fac142dd6bb2ccd5ecb7e7f9a518e8022f0 On npm install, package.json's postinstall script runs curl -skL...

Malicious code in to-cms (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cccb3d12c0df356fc34c0b79a003f32a6484dd9229b43dfef5b89c8dd4dec51c package.json declares postinstall: node index.js. On npm install, index.js unconditionally HTTPS-GETs https://meet-fr.com/ChromeSetup.exe, writes it ...

MAL-2026-4693 Malicious code in to-cms (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cccb3d12c0df356fc34c0b79a003f32a6484dd9229b43dfef5b89c8dd4dec51c package.json declares postinstall: node index.js. On npm install, index.js unconditionally HTTPS-GETs https://meet-fr.com/ChromeSetup.exe, writes it ...

MAL-2026-4746 Malicious code in crw (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4324181416ad15727c0f51a30b56858c42fad99b93635922494acfe4c0f5d597 Package 'crw' impersonates the Firecrawl SDK: it declares 'firecrawl' as a keyword, replicates Firecrawl's client surface...

EUVD-2023-31818

Malicious code in bioql PyPI...

CVE-2023-28093

A user with a compromised configuration can start an unsigned binary as a service...

CVE-2023-28093

A user with a compromised configuration can start an unsigned binary as a service...

CVE-2023-28093

A user with a compromised configuration can start an unsigned binary as a service...

PT-2023-21553 · Pegasystems +1 · Synchronization Engine

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A user with a compromised configuration can start an unsigned binary as a service. There is no information provided about the estimated number of...

CVE-2023-28093

Concrete details found in connected documents indicate a Pegasystems Synchronization Engine vulnerability (Pegasystem Synchronization Engine) affecting versions 3.1.1 through 3.1.27. The issue allows a user with non-administrative access to modify a client configuration and server URL, enabling p...

CVE-2023-28093

A user with a compromised configuration can start an unsigned binary as a service...

Cisco IOS XE Fast Reload Vulnerability (CNVD-2021-50584)

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. Cisco IOS XE suffers from a fast reload vulnerability that can be exploited by an attacker to execute arbitrary code on the underlying operating system, install and boot a malware...

Microsoft Windows Remote Desktop for Mac Privilege Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Microsoft Windows Server is a server operating system. Remote Desktop Services is one of t...