Malicious code in wpi-rules-valid-events (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1f8f8319f361dae60da61058ccd4776881160f6a820fbad5fe51373e6084e45b The OpenSSF Package Analysis project identified 'wpi-rules-valid-events' @ 6.6.6 npm as malicious. It is considered malicious because: - The...

MAL-2023-1501 Malicious code in wpi-xmldom (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5ca72dd827e914309265980a13573c7017021ad948c7fb748b36707a9aa85e47 The OpenSSF Package Analysis project identified 'wpi-xmldom' @ 2.2.2 npm as malicious. It is considered malicious because: - The package...

Microsoft Windows线程池ACL本地权限提升漏洞（MS09-012）

BUGTRAQ ID: 34444 CVECAN ID: CVE-2009-0080 Microsoft Windows是微软发布的非常流行的操作系统。 Windows对当前ThreadPool中的线程设置了错误的ACL，本地攻击者可以利用令牌劫持的方式获得权限提升。成功利用此漏洞的攻击者可以完全控制受影响的系统，攻击者可随后安装程序；查看、更改或删除数据；或者创建拥有完全用户权限的新帐户。 Microsoft Windows Vista SP1 Microsoft Windows Vista Microsoft Windows Server 2008 临时解决方法： IIS 6.0 -...

Unfixed XSS vulnerability at www.wpi.edu

Security researcher TreX, has submitted on 04/12/2007 a cross-site-scripting XSS vulnerability affecting www.wpi.edu, which at the time of submission ranked 34765 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 04/12/2007. It is currently...