Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/02/07 6:22 p.m.3 views

Malicious code in vhx-node-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 97a8bc9059906dee3aacb8bfb00ab219e1fb0cc948a15b861d2455a4a36ec006 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References1
OSV
OSVadded 2025/02/07 6:22 p.m.3 views

MAL-2025-1239 Malicious code in vhx-node-demo (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 97a8bc9059906dee3aacb8bfb00ab219e1fb0cc948a15b861d2455a4a36ec006 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSVadded 2022/06/20 8:9 p.m.3 views

MAL-2022-4554 Malicious code in meoconlonton-vhx-fresh (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fc7692a67d16307a44291bbb7204f96bc2670e25955f8802c420a30095e5df42 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2022/06/20 8:9 p.m.2 views

Malicious code in meoconlonton-vhx (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e40d361e3fbc30040dc775b7b51fa26ae2f9a5034066803de753a73ec3132c30 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2022/06/20 8:9 p.m.2 views

Malicious code in meoconlonton-vhx-fresh (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fc7692a67d16307a44291bbb7204f96bc2670e25955f8802c420a30095e5df42 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSVadded 2022/06/20 8:9 p.m.6 views

MAL-2022-4553 Malicious code in meoconlonton-vhx-cricle (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 74e46219c746f5ca66a9837373c50e7039b60c93dc0b1a32e9de119138af4dd8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Hacker One
Hacker Oneadded 2018/11/29 2:55 p.m.24 views

Vimeo: Possibility to overwrite any file in the vpe.cdn.vimeo.tv leads to the Stored XSS for the all customers on the embed.vhx.tv

By modifying the Content-Type to be blank, during a PUT command, the researcher was able to upload files to the CDN. This has been resolved. It was possible to write and overwrite arbitrary files to the CDN vpe.cdn.vimeo.tv used for JS scripts delivery on the various in-scope assets using the PUT...

0.5AI score
Exploits0
Rows per page
Query Builder