774 matches found
Malicious code in gilang-toge26-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 716a076ce42d20253755b9139a080e23c7cb28aee4d5d2e97df34096de9d60db This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in rina-kue60-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b53ae0919d8f00b7ca244991593ac64dfd8d8c0084d0217dbe111309056b79b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in joko-nasipecel91-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd409fa3b40c3c8f62cec90a3ee666c872e07fe3ab42a3cf4ea7870818171e3a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-64420 Malicious code in nadia-rangi66-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 702c3030cf24adfc7f4a6e214e1cae1307e6f0b3ea80ca30d075787cdac8e67c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-64357 Malicious code in mulyono-mangut60-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a58bb3e31085f22268168e9dfa5b930cc714fe6110229967aa53fc9a9d16440a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-66046 Malicious code in wati-empal1-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73d26c391b0329bf5e59839b341ffaebad0dd1090f4adeaca677029b57355020 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-62072 Malicious code in bella-kue28-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0019c23335323fdb6eba547dca48bcb134fa0f8d6e9635140f802eb4fc231ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-65977 Malicious code in vida-rangi59-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fbb164e5a524f5d58eb945e62ebcc7b37169924820d674d5f45d62ca88feb106 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in sore_meerkat_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03992cbb8fe15f5a8cc6ee19e6eae846dd57e92089d75d0de6722ce290b48413 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in comparable_junglefowl_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9812e04e6aff58b2a90157ca0e75c8354aca79abaf4a4e132840a302c5d7314 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-55464 Malicious code in budi-sambel4-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a4c436ec546345bd21477643cc37e5122865bb1b3a3b7e4d44fe79e4a1b82667 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in riana-nasipecel51-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f9e4709dff7751454c29be684cbca10ed083abe14ee7ebc0c63184259318fbc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-53055 Malicious code in joni-martabak89-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de80467aea2614210a7bd94bbe710e5743f43f54c67b768c954194bb34981e75 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-37762
Radiometrics VizAir is vulnerable to a lack of authentication mechanisms for critical functions, such as admin access and API requests. Attackers can modify configurations without authentication, potentially manipulating active runway settings and misleading air traffic control ATC and pilots...
CVE-2025-61956 Missing Authentication for Critical Function in Radiometrics VizAir
Radiometrics VizAir is vulnerable to a lack of authentication mechanisms for critical functions, such as admin access and API requests. Attackers can modify configurations without authentication, potentially manipulating active runway settings and misleading air traffic control ATC and pilots...
EUVD-2025-37400
ELOG allows an authenticated user to modify or overwrite the configuration file, resulting in denial of service. If the execute facility is specifically enabled with the "-x" command line flag, attackers could execute OS commands on the host machine. By default, ELOG is not configured to allow...
CVE-2025-34284
Nagios XI versions prior to 2024R2 contain a command injection vulnerability in the WinRM plugin. Insufficient validation of user-supplied parameters allows an authenticated administrator to inject shell metacharacters that are incorporated into backend command invocations. Successful exploitatio...
CVE-2025-34284 Nagios XI < 2024R2 Authenticated Command Injection via WinRM Plugin
Nagios XI versions prior to 2024R2 contain a command injection vulnerability in the WinRM plugin. Insufficient validation of user-supplied parameters allows an authenticated administrator to inject shell metacharacters that are incorporated into backend command invocations. Successful exploitatio...
CVE-2025-59957 Junos OS: EX4600 Series and QFX5000 Series: An attacker with physical access can open a persistent backdoor
An Origin Validation Error vulnerability in an insufficient protected file of Juniper Networks Junos OS on EX4600 Series and QFX5000 Series allows an unauthenticated attacker with physical access to the device to create a backdoor which allows complete control of the system. When a device isn't...
EUVD-2014-0110
Malware in sbrugna...