EUVD-2024-19411

Malicious code in bioql PyPI...

Malicious code in @stride-mfe/wmc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 77cc9defe144c1f3b98ce1ea8f91ca33aaf789c8ed02f2ee137861782c89f711 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-25568

OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent unauthenticated attacker to execute arbitrary OS commands by sending a specially crafted request to the product. Affected products and versions are as follows: WRC-X3200GST3-B v1.25 and earlier, WRC-G01-W...

PT-2024-21010 · Elecom · Wmc-X1800Gst-B +2

Name of the Vulnerable Software and Affected Versions: ELECOM wireless LAN routers versions prior to v1.25 WRC-G01-W versions prior to v1.24 WMC-X1800GST-B versions prior to v1.41 Description: The issue allows a network-adjacent unauthenticated attacker to execute arbitrary OS commands by sending...

CVE-2024-21798

ELECOM wireless LAN routers contain a cross-site scripting vulnerability. Assume that a malicious administrative user configures the affected product with specially crafted content. When another administrative user logs in and operates the product, an arbitrary script may be executed on the web...

CVE-2024-23910

Cross-site request forgery CSRF vulnerability in ELECOM wireless LAN routers and wireless LAN repeater allows a remote unauthenticated attacker to hijack the authentication of administrators and to perform unintended operations to the affected product. Note that WMC-X1800GST-B and WSC-X1800GS-B a...

CVE-2024-25579

OS command injection vulnerability in ELECOM wireless LAN routers allows a network-adjacent attacker with an administrative privilege to execute arbitrary OS commands by sending a specially crafted request to the product. Note that WMC-X1800GST-B is also included in e-Mesh Starter Kit "WMC-2LX-B"...

CVE-2024-23910

Cross-site request forgery CSRF vulnerability in ELECOM wireless LAN routers and wireless LAN repeater allows a remote unauthenticated attacker to hijack the authentication of administrators and to perform unintended operations to the affected product. Note that WMC-X1800GST-B and WSC-X1800GS-B a...

CVE-2024-21798

ELECOM wireless LAN routers contain a cross-site scripting vulnerability. Assume that a malicious administrative user configures the affected product with specially crafted content. When another administrative user logs in and operates the product, an arbitrary script may be executed on the web...

CVE-2018-14003

The CVE-2018-14003 entry concerns WeMediaChain (WMC), an Ethereum token smart contract. The vulnerability is an integer overflow in the batchTransfer function, which could allow an attacker to set any user’s balance. Root cause: integer overflow in the transfer logic. Impact: unauthorized balance...