Total
49 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-16053 | 1 Fabric-js Project | 1 Fabric-js | 2024-09-16 | N/A |
| `fabric-js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16204 | 1 Jquey Project | 1 Jquey | 2024-09-16 | N/A |
| The jquey module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | ||||
| CVE-2017-16069 | 1 Nodeffmpeg Project | 1 Nodeffmpeg | 2024-09-16 | N/A |
| nodeffmpeg was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16081 | 1 Cross-env.js Project | 1 Cross-env.js | 2024-09-16 | N/A |
| cross-env.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2017-16056 | 1 Mssql.js Project | 1 Mssql.js | 2024-09-16 | N/A |
| mssql.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | ||||
| CVE-2024-3094 | 2 Redhat, Tukaani | 3 Enterprise Linux, Jboss Enterprise Application Platform, Xz | 2024-08-20 | 10 Critical |
| Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction with this library. | ||||
| CVE-2020-15165 | 1 Chameleon Mini Live Debugger Project | 1 Chameleon Mini Live Debugger | 2024-08-04 | 9.3 Critical |
| Version 1.1.6-free of Chameleon Mini Live Debugger on Google Play Store may have had it's sources or permissions tampered by a malicious actor. The official maintainer of the package is recommending all users upgrade to v1.1.8 as soon as possible. For more information, review the referenced GitHub Security Advisory. | ||||
| CVE-2021-22887 | 2 Pulsesecure, Supermicro | 24 Psa-5000, Psa-5000 Firmware, Psa-7000 and 21 more | 2024-08-03 | 2.3 Low |
| A vulnerability in the BIOS of Pulse Secure (PSA-Series Hardware) models PSA5000 and PSA7000 could allow an attacker to compromise BIOS firmware. This vulnerability can be exploited only as part of an attack chain. Before an attacker can compromise the BIOS, they must exploit the device. | ||||
| CVE-2024-4978 | 1 Javs | 1 Javs Viewer | 2024-08-01 | 8.4 High |
| Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands. | ||||