43 matches found
Malicious Package
Overview wt-fe-buz-utilities-url is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...
Malicious Package
Overview wt-fe-buz-business-stoplimit is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
CVE-2026-21434
This CVE affects webtransport-go (versions 0.3.0 to 0.9.0). A WT_CLOSE_SESSION capsule with an oversized Application Error Message can be fully read and stored in memory due to lack of the draft-mandated 1024-byte limit, enabling memory exhaustion. The issue is fixed in version 0.10.0. Affected i...
GHSA-PX4R-G4P3-HHQV webtransport-go: CloseWithError can block indefinitely
Summary An attacker can cause a denial of service in webtransport-go by preventing or indefinitely delaying WebTransport session closure. A malicious peer can withhold QUIC flow control credit on the CONNECT stream, blocking transmission of the WTCLOSESESSION capsule and causing the close operati...
Malicious Package
Overview wt-react is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
MAL-2025-48402 Malicious code in wt-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e2d85a0a81bf32d87da2b57522113cf28e122344c75d7055ea5d5116d63f61e4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in wt-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e2d85a0a81bf32d87da2b57522113cf28e122344c75d7055ea5d5116d63f61e4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2008-2521
Malware in sbrugna...
EUVD-2010-1302
Malware in sbrugna...
EUVD-2010-1303
Malware in sbrugna...
MAL-2025-31865 Malicious code in react-wt-jquery-and-css (npm)
The package react-wt-jquery-and-css was found to contain malicious code...
Malicious code in react-wt-jquery-and-css (npm)
The package react-wt-jquery-and-css was found to contain malicious code...
CVE-2025-5492
A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub456DE8 of the file /mspinfo.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack...
CVE-2025-5492
A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub456DE8 of the file /mspinfo.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack...
CVE-2025-5492 D-Link DI-500WF-WT /usr/sbin/jhttpd msp_info.htm sub_456DE8 command injection
A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub456DE8 of the file /mspinfo.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack...
CVE-2025-5492 D-Link DI-500WF-WT /usr/sbin/jhttpd msp_info.htm sub_456DE8 command injection
A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 and classified as critical. Affected by this vulnerability is the function sub456DE8 of the file /mspinfo.htm?flag=cmd of the component /usr/sbin/jhttpd. The manipulation of the argument cmd leads to command injection. The attack...
CVE-2025-5492
Summary: CVE-2025-5492 affects D-Link DI-500WF-WT up to 20250511. The flaw is in /usr/sbin/jhttpd, within the function sub_456DE8 of /msp_info.htm?flag=cmd, where manipulating the cmd parameter enables remote command injection. Several sources confirm the impact and vulnerable endpoint; exploitat...
CVE-2010-1273
Emweb Wt before 3.1.1 does not validate the UTF-8 encoding of 1 form values and 2 JSignal arguments, which has unspecified impact and remote attack vectors...
Malicious code in wt-fe-buz-utilities-url (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in wt-fe-buz-business-stoplimit (npm)
--- -= Per source details. Do not edit below this line.=-...