CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4606 matches found

Github Security Blog•added 2020/09/03 5:42 p.m.•11 views

Malicious Package in midway-dataproxy

All versions of midway-dataproxy contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that...

3.6AI score

Exploits0References2Affected Software1

Github Security Blog•added 2020/09/03 5:41 p.m.•16 views

Malicious Package in midway-xtpl

All versions of midway-xtpl contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that...

3.6AI score

Exploits0References2Affected Software1

OSV•added 2020/09/03 5:38 p.m.•7 views

GHSA-VXFP-QMPQ-6826 Malicious Package in hpmm

All versions of hpmm contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer...

9.8CVSS6.9AI score

Exploits0References1

OSV•added 2020/09/03 5:36 p.m.•10 views

GHSA-86GV-XPWV-JPRC Malicious Package in diamond-clien

All versions of diamond-clien contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that...

9.8CVSS6.9AI score

Exploits0References1

Github Security Blog•added 2020/09/03 5:33 p.m.•22 views

Malicious Package in antd-cloud

All versions of antd-cloud contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that comput...

3.6AI score

Exploits0References2Affected Software1

Github Security Blog•added 2020/09/03 5:29 p.m.•20 views

Malicious Package in ali-contributor

All versions of ali-contributor contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that...

3.6AI score

Exploits0References2Affected Software1

OSV•added 2020/09/03 5:6 p.m.•10 views

GHSA-FPGG-R39H-3X5X Malicious Package in cxt

All versions of this package contained malware. The package was designed to find and exfiltrate cryptocurrency wallets. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated...

9.1CVSS7AI score

Exploits0References1

OSV•added 2020/09/03 5:6 p.m.•7 views

GHSA-FPF2-PR3J-4CM3 Malicious Package in ecruve

9.1CVSS7AI score

Exploits0References1

OSV•added 2020/09/03 5:5 p.m.•8 views

GHSA-CGVM-RVFV-C92R Malicious Package in ecuvre

9.1CVSS7AI score

Exploits0References1

OSV•added 2020/09/03 5:5 p.m.•4 views

GHSA-255R-PGHP-R5WH Malicious Package in hdeky