MAL-2025-190390 Malicious code in xi-abstract-user-alert-parse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 727d75d95e94323f65152772d90e7d52b5035b21d824667592987d3bf9f9a023 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-175486

Malicious code in xi-abstract-user-alert-parse npm...

EUVD-2024-48360

Malicious code in bioql PyPI...

EUVD-2024-2716

Malicious code in bioql PyPI...

CVE-2024-53243

CVE-2024-53243 affects Splunk Enterprise and the Splunk Secure Gateway app on Splunk Cloud Platform. The root cause is improper access control in the Splunk Secure Gateway KVstore endpoints, enabling a low-privileged user without admin/power roles to view alert search query responses. Affected pr...

CVE-2024-45605

Sentry is a developer-first error tracking and performance monitoring platform. An authenticated user delete the user issue alert notifications for arbitrary users given a know alert ID. A patch was issued to ensure authorization checks are properly scoped on requests to delete user alert...

Online ID Generator 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : Online ID Generator 1.0 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64 bits | ...

Employees Pay Slip PDF Generator System 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : Employees Pay Slip PDF Generator System 1.0 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefo...

CVE-2024-7438

A vulnerability has been found in SimpleMachines SMF 2.1.4 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php?action=profile;u=2;area=showalerts;do=read of the component User Alert Read Status Handler. The manipulation of the argument...

CVE-2024-7438 SimpleMachines SMF User Alert Read Status index.php resource injection

A vulnerability has been found in SimpleMachines SMF 2.1.4 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php?action=profile;u=2;area=showalerts;do=read of the component User Alert Read Status Handler. The manipulation of the argument...

CVE-2024-7438 SimpleMachines SMF User Alert Read Status index.php resource injection

A vulnerability has been found in SimpleMachines SMF 2.1.4 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php?action=profile;u=2;area=showalerts;do=read of the component User Alert Read Status Handler. The manipulation of the argument...

Possible Credit Card Theft in Steam Website Hacking

Possible Credit Card Theft in Steam Website Hacking Valve CEO Gabe Newell has contacted all users of the Steam game distribution platform to let them know that the company has suffered a security breach. Right before going offline, users saw a new category in the forum that directed them to open ...

OpenOffice.org may fail to recognize embedded Basic macros

Overview The OpenOffice.org team has reported a vulnerability in how the 1.1 and 2.0 versions of OpenOffice.org process basic macros. Description A vulnerability in OpenOffice.org may allow an attacker to inject basic code into documents such that the code will be executed when the document is...

CVE-2001-0240

Microsoft Word before Word 2002 is vulnerable to macros being executed automatically when opening an RTF document that links to a template containing the embedded macro. The root cause is Word’s failure to detect macros embedded in templates referenced by RTF documents, allowing a malicious docum...