32 matches found
EUVD-2025-179299
Malicious code in development-webdriver-mocha-leda-bellatrix npm...
MAL-2025-187117 Malicious code in ganymede-webdriver-manager-convict-equinox (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8a9dd33aabe6b5b026655e8cc3da8627bbdf9d68cf9b8cd88bf86fd96847df16 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-176259
Malicious code in spectron-webdriver-nodemon-sedimentology-on npm...
EUVD-2025-176626
Malicious code in rimraf-webdriver-manager-impulse-dione npm...
EUVD-2025-121799
Malicious code in spectron-webdriver-betelgeuse-odin-cypress npm...
Malicious code in pyxis-webdriver-manager-selenium-gridsome (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2dd635838c8a3e29ed758fb816df1aae5113f58d4136c3bc38d13731170c1aa8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in telesto-webdriver-mocha-cosmiconfig-bellatrix (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 470bdd92dc331eb2038dedce586fd6ee3b993f2e59323484d130cae97a00686a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-121795
Malicious code in spectron-webdriver-galaxy-avior-repository npm...
EUVD-2004-2026
Malware in sbrugna...
EUVD-2019-0265
Malware in sbrugna...
EUVD-2024-39882
Malicious code in bioql PyPI...
MAL-2025-47298 Malicious code in browser-webdriver-downloader (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 01fb714365440560815380bba71421a48f96fcc47b83487acaaa72a1410c0ab5 Any computer that has this package installed or running should be considered fully compromised. All...
Selenium-Poc
This is a proof-of-concept PoC exploit targeting the demo.nopc...
Malicious code in web-driver-wrapper (npm)
The package web-driver-wrapper was found to contain malicious code...
MAL-2025-38970 Malicious code in web-driver-wrapper (npm)
The package web-driver-wrapper was found to contain malicious code...
Selenium arbitrary file read
If there is an open selenium web driver, a remote attacker can send requests to the victims browser. In certain cases this can be used to access to the remote file system. Module Options msf use auxiliary/gather/seleniumfileread msf auxiliaryseleniumfileread show actions ...actions... msf...
CVE-2024-42329
The webdriver for the Browser object expects an error object to be initialized when the webdriversessionquery function fails. But this function can fail for various reasons without an error description and then the wd-error will be NULL and trying to read from it will result in a crash...
CVE-2024-42328
When the webdriver for the Browser object downloads data from a HTTP server, the data pointer is set to NULL and is allocated only in curlwritecb when receiving data. If the server's response is an empty document, then wd-data in the code below will remain NULL and an attempt to read from it will...
CVE-2024-51483 changedetection.io Path Traversal vulnerability
changedetection.io is free, open source web page change detection software. Prior to version 0.47.5, when a WebDriver is used to fetch files, source:file:///etc/passwd can be used to retrieve local system files, where the more traditional file:///etc/passwd gets blocked. Version 0.47.5 fixes the...
Malicious code in Syntellect.Winium.Web.Driver (NuGet)
--- -= Per source details. Do not edit below this line.=-...