Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

322 matches found

Snyk
Snykadded 2020/04/17 12:0 a.m.1 views

Malicious Package

Overview a1420ks-bmi is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using a1420ks-bmi...

8CVSS6.9AI score
Exploits0References2
Snyk
Snykadded 2020/04/17 12:0 a.m.1 views

Malicious Package

Overview activerecord-safe-initialize is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid usin...

8CVSS5.4AI score
Exploits0References2
Snyk
Snykadded 2020/04/17 12:0 a.m.1 views

Malicious Package

Overview a1521hk-age is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using a1521hk-age...

8CVSS5.5AI score
Exploits0References2
Snyk
Snykadded 2020/04/17 12:0 a.m.1 views

Malicious Package

Overview adtechapi-client is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

8CVSS6.9AI score
Exploits0References2
Snyk
Snykadded 2020/04/17 12:0 a.m.2 views

Malicious Package

Overview api-clientbuilder is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

8CVSS5.5AI score
Exploits0References2
Snyk
Snykadded 2020/04/17 12:0 a.m.1 views

Malicious Package

Overview commission-junctionstats is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

8CVSS6.9AI score
Exploits0References2
Snyk
Snykadded 2020/04/17 12:0 a.m.1 views

Malicious Package

Overview devino-sms is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using devino-sms...

8CVSS6.9AI score
Exploits0References2
Snyk
Snykadded 2020/04/17 12:0 a.m.1 views

Malicious Package

Overview 3scale-timerange is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

8CVSS6.9AI score
Exploits0References2
Snyk
Snykadded 2020/04/17 12:0 a.m.1 views

Malicious Package

Overview application-config is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

8CVSS6.9AI score
Exploits0References2
Snyk
Snykadded 2020/04/17 12:0 a.m.1 views

Malicious Package

Overview act-astimeasboolean is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

8CVSS6.9AI score
Exploits0References2
Snyk
Snykadded 2020/04/17 12:0 a.m.1 views

Malicious Package

Overview jaconda-telegram is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

8CVSS6.9AI score
Exploits0References2
Snyk
Snykadded 2020/04/17 12:0 a.m.1 views

Malicious Package

Overview accredibleapi-ruby is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

8CVSS5.5AI score
Exploits0References2
Snyk
Snykadded 2020/04/17 12:0 a.m.1 views

Malicious Package

Overview arserialize-helpers is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

8CVSS6.9AI score
Exploits0References2
Snyk
Snykadded 2020/04/17 12:0 a.m.1 views

Malicious Package

Overview cache-stats is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using cache-stats...

8CVSS6.9AI score
Exploits0References2
Snyk
Snykadded 2020/04/17 12:0 a.m.1 views

Malicious Package

Overview atest-gem is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using atest-gem...

8CVSS5.4AI score
Exploits0References2
Snyk
Snykadded 2020/04/17 12:0 a.m.1 views

Malicious Package

Overview authtransis-client is a malicious package. Affected versions of this package were found to be a Malicious Package, as it utilised typosquatting to run Malicious 3rd party scripts. It replaced genuine packages using an and replaced it with - and vice versa Remediation Avoid using...

8CVSS5.5AI score
Exploits0References2
Japan Vulnerability Notes
Japan Vulnerability Notesadded 2020/03/24 12:0 a.m.68 views

JVN#27951364: WL-Enq (WEB Enquete) vulnerable to OS command injection

WL-Enq WEB Enquete provided by WonderLink is a CGI to provide web enquete functions. WL-Enq WEB Enquete contains an OS command injection vulnerability CWE-78. Impact A remote attacker may execute arbitrary OS commands with the administrative privilege. Solution Consider stop using WL-Enq 1.12 Sin...

10CVSS10AI score0.02142EPSS
Exploits0
RedHat Linux
RedHat Linuxadded 2020/02/17 9:31 a.m.2 views

sqlite: Out-of-bounds read in SELECT with ON/USING clause

An out-of-bounds read vulnerability was found in the SQLite component of the Chromium browser. A remote attacker could abuse this flaw to obtain potentially sensitive information from process memory via a crafted HTML page. The highest threat from this vulnerability is to data confidentiality...

6.5CVSS7.3AI score0.00738EPSS
Exploits0References5
Tenable Nessus
Tenable Nessusadded 2020/01/10 12:0 a.m.69 views

SUSE SLES12 Security Update : nodejs12 (SUSE-SU-2020:0059-1) (0-Length Headers Leak) (Data Dribble) (Empty Frames Flood) (Internal Data Buffering) (Ping Flood) (Reset Flood) (Resource Loop) (Settings Flood)

This update for nodejs12 fixes the following issues : Update to LTS release 12.13.0 jscSLE-8947. Security issues fixed : CVE-2019-9511: Fixed the HTTP/2 implementation that was vulnerable to window size manipulations bsc1146091. CVE-2019-9512: Fixed the HTTP/2 implementation that was vulnerable t...

7.8CVSS7.4AI score0.50822EPSS
Exploits1References29
Broadcom
Broadcomadded 2018/09/20 12:0 a.m.5 views

BSA-2018-708

Security Advisory ID : BSA-2018-708 Component : Ghostscript Revision : 1.0: Final Ghostscript contains an optional -dSAFER option, which is supposed to prevent unsafe PostScript operations. Multiple PostScript operations bypass the protections provided by -dSAFER, which can allow an attacker to...

9.3CVSS8.1AI score0.9181EPSS
Exploits4
Rows per page
Query Builder