Insyde UEFI Digital Certificate Injection

A potential security vulnerability has been identified in certain HP PC products using Insyde BIOS InsydeH20 UEFI Firmware, which might allow escalation of privilege, arbitrary code execution, denial of service, and/or information disclosure. Insyde is releasing mitigation for the potential...

MAL-2025-48543 Malicious code in artyfact-storage (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3e7943603e230dc9bc1cd9f5f44133fe1b4fee90cb69929ae4b0308b61400753 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-48539 Malicious code in zdachboostv3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 233422c1963470e7902c9d0ad359d0f6ea728179b75d56e24833feea577428ba Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-48532 Malicious code in ggtech2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 402a2de5aff6b47fccb36fb23db1070eee17b8a098c87b256108ee8c7d793021 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-48524 Malicious code in tailwind-setting (npm)

The package tailwind-setting was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 850a3c165ca8ecb1060d82506ab99a36786c8a41575310ee91507065a46d313d Any computer that has this package installed or running should be considered fully...

MAL-2025-48525 Malicious code in user-trace-fingerprint (npm)

The package user-trace-fingerprint was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b54bd77b470e3a22898330418ebfb04770ae12aa0de66208968d637cca6c03f2 Any computer that has this package installed or running should be considered full...

Malicious code in user-trace-fingerprint (npm)

The package user-trace-fingerprint was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b54bd77b470e3a22898330418ebfb04770ae12aa0de66208968d637cca6c03f2 Any computer that has this package installed or running should be considered full...

Malicious code in stram-log (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 436c6121e283f5f6356fb575e1569411bd6123e6621dba3acec5df01273b5f70 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-48520 Malicious code in gridmancer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 60165b38818ae73f1e523b9b54cd4793394ad672c0a62b08e71f54457c80afee Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-42192

HCL Traveler for Microsoft Outlook HTMO is susceptible to a credential leakage which could allow an attacker to access other computers or applications...

CVE-2024-42192

Technical details such as affected versions, root cause, and exploit conditions are not publicly available in the provided documents. Monitor for updates from vendor advisories and vulnerability feeds.

Malicious code in pino-logging (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c35f1cee310ba73ad606845b7bf6d537b00db69bb318d6adf7b816b35d3d5690 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-10576 Sound Research SECOMNService Escalation of Privilege

Potential vulnerabilities have been identified in the audio package for certain HP PC products using the Sound Research SECOMN64 driver, which might allow escalation of privilege. HP is releasing updated audio packages to mitigate the potential vulnerabilities...

CVE-2025-10576 Sound Research SECOMNService Escalation of Privilege

Potential vulnerabilities have been identified in the audio package for certain HP PC products using the Sound Research SECOMN64 driver, which might allow escalation of privilege. HP is releasing updated audio packages to mitigate the potential vulnerabilities...

Malicious code in internal-greeter-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware aba71c91c57a929f6d02d2775a1e431ee72be5d4e13215c18875202086b0c4e8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in graphorbit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7e39cb6a782c7394e47a516577dd7696fc2db73d710cdd07e5ceec3dbc46c7af Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-48327 Malicious code in internallib_v600 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0a2f6cf9ace9deb6352b5110f9550afd90c905590229ba3a589e3ad7cbb8d67f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in simple-scr-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 833779f4455bdaf68dd142867b4cb379df156642ed6b531836d613bc4f591ad2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-48337 Malicious code in mad-3.2.1.2.2.8 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3f05a2f1326264237af5cd953fed9ffdbd2c6fbff24177c05893153feceedb7c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in internallib_v125 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ab77b49975a46f2335153950e340dc04f11da41aebe8c463f96f99d7e831fff6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...