124 matches found
Malicious code in websocet-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx def6cdda3e16e392e575914ced25e522c3bcb3ca50d8228652a805cc7ee4ae51 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in websocket-clietn (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 81783882612ba7b6fae545c40b498a476222def4eab8e8b779ff41cefcb93e3d Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-2385 Malicious code in websocket-clieent (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 4feae31dcf666a30e8848da752d72614ca03bd3c60eedb2f69a4de43eb9f7560 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in websocke-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 5faa944bbc2b25316c377963c3a5db62a519e24c7eae9387a841b8cb137b36b5 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-2362 Malicious code in webbsocket-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 72a6a6ad23d9e1606f946a818154ebb20f3b649d47e7094f7854e0ee3b4016c2 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in weboscket-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 2cc6bfd099608112cc4fae288c5acdc5d9c5a18dbad3be61e20e1b35dcf98f50 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in websocket-cleint (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx b95022cf171781e9a5b50900b78390fa8ba1d016e8c2e34ff9e7fbf2d900ceed Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in webscket-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 6c8716d958d7a19a4e59c03eac34c6d8338493b88fb15fd0440025fcbce59c34 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-2368 Malicious code in webscket-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 6c8716d958d7a19a4e59c03eac34c6d8338493b88fb15fd0440025fcbce59c34 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Malicious code in websockt-client (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 69c7aefbf467766ec8bbb120d81bb6f61491564fa89b81d0d42be3c249bfae27 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
MAL-2023-2392 Malicious code in websocket-clint (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx e2ed5b9c8a0271395a5e0407624dd18f8b28071aee5588b73ad595d0d126499a Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...
Gohide - Tunnel Port To Port Traffic Over An Obfuscated Channel With AES-GCM Encryption
Tunnel port to port traffic via an obfuscated channel with AES-GCM encryption. Obfuscation Modes Session Cookie HTTP GET http-client Set-Cookie Session Cookie HTTP/2 200 OK http-server WebSocket Handshake "Sec-WebSocket-Key" websocket-client WebSocket Handshake "Sec-WebSocket-Accept"...
KubeEdge 资源管理错误漏洞
KubeEdge is KubeEdge open source a Kubernetes native edge computing framework. Built on Kubernetes and extends native containerized application orchestration and device management to edge hosts. A resource management error vulnerability exists in KubeEdge versions prior to 1.11.1, 1.10.2, and...
Malicious code in hb-websocket-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b7dec13e28e581a9f8949e7c49dcc4ff1e9957ae0b21e4d422b33d6ac2e8c724 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3572 Malicious code in hb-websocket-client (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b7dec13e28e581a9f8949e7c49dcc4ff1e9957ae0b21e4d422b33d6ac2e8c724 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
cn.yanyvpingsheng:bililive-sdk (=0.1.0), com.cesanta:cloud-service-stubs (>=0.0.1 <=0.0.3) +26 more potentially affected by CVE-2017-1000209 via com.neovisionaries:nv-websocket-client (>=1.16 <=1.4)
com.neovisionaries:nv-websocket-client MAVEN version =1.16, =0.0.1, =0.0.1, =1.2, =1.2, =1.3.2, =1.9.1.10.0, =0.4.2, =1.5.1.9.2, =0.4.0, =2.6.0, =1.2.0, =1.0.0, =7.2.0 and more Source cves: CVE-2017-1000209 Source advisory: OSV:GHSA-4HXV-95RC-JQG7...
SUSE: Security Advisory (SUSE-SU-2018:2699-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GHSA-2V5C-755P-P4GV Missing TLS certificate verification in faye-websocket
The Faye::WebSocket::Client class uses the EM::Connectionstarttls1 method in EventMachine2 to implement the TLS handshake whenever a wss: URL is used for the connection. This method does not implement certificate verification by default, meaning that it does not check that the server presents a...
Missing TLS certificate verification in faye-websocket
The Faye::WebSocket::Client class uses the EM::Connectionstarttls1 method in EventMachine2 to implement the TLS handshake whenever a wss: URL is used for the connection. This method does not implement certificate verification by default, meaning that it does not check that the server presents a...
Huawei EulerOS: Security Advisory for tomcat (EulerOS-SA-2019-1992)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...