Lucene search
K

220 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 7:48 a.m.6 views

Malicious code in @crowdstrike/logscale-parser-edit (npm)

Suspicious postinstall script executing bundle.js and bundle.js contains excessive unsigned bitwise math, indicating potential malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ff5e2fca0afc744f9b2cec20ddf740574c42864336447119ed7715555896bde9 Any computer that...

6.8AI score
Exploits0References8
OSV
OSV
added 2025/09/16 7:48 a.m.3 views

MAL-2025-47218 Malicious code in @crowdstrike/logscale-parser-edit (npm)

Suspicious postinstall script executing bundle.js and bundle.js contains excessive unsigned bitwise math, indicating potential malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ff5e2fca0afc744f9b2cec20ddf740574c42864336447119ed7715555896bde9 Any computer that...

6.8AI score
Exploits0References8
OSV
OSV
added 2025/09/16 7:47 a.m.5 views

MAL-2025-47217 Malicious code in @crowdstrike/logscale-file-editor (npm)

Suspicious postinstall script executing bundle.js and YARA rule match for excessive bitwise math indicate likely malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1c0f2b92ed507c0c5be3665db16bf307e19440b594539d07854669c027545b6c Any computer that ha...

6.8AI score
Exploits0References8
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 7:47 a.m.5 views

Malicious code in @crowdstrike/logscale-file-editor (npm)

Suspicious postinstall script executing bundle.js and YARA rule match for excessive bitwise math indicate likely malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1c0f2b92ed507c0c5be3665db16bf307e19440b594539d07854669c027545b6c Any computer that ha...

6.8AI score
Exploits0References8
OSV
OSV
added 2025/09/16 7:46 a.m.5 views

MAL-2025-47216 Malicious code in @crowdstrike/logscale-dashboard (npm)

Suspicious postinstall script executing bundle.js and unsignedbitwisemathexcess YARA rule match indicate malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9f7539ca83a2878a7b5b892aaa154843f462994bef40d9d14698dd04a2f0ffee Any computer that has this...

6.9AI score
Exploits0References8
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 7:44 a.m.4 views

Malicious code in @crowdstrike/glide-core (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6c50fb4842e12feb703463f76e42b30788a613940789be0e353b396b7de4cba8 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References7
OSV
OSV
added 2025/09/16 7:44 a.m.3 views

MAL-2025-47235 Malicious code in @crowdstrike/glide-core (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6c50fb4842e12feb703463f76e42b30788a613940789be0e353b396b7de4cba8 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 7:44 a.m.2 views

Malicious code in @crowdstrike/foundry-js (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b692cc7f6e5464ffd853e3847c9818751b07e7730ef96f968e01aea83827605f Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References7
OSV
OSV
added 2025/09/16 7:44 a.m.2 views

MAL-2025-47234 Malicious code in @crowdstrike/foundry-js (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b692cc7f6e5464ffd853e3847c9818751b07e7730ef96f968e01aea83827605f Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References7
OSV
OSV
added 2025/09/16 7:43 a.m.2 views

MAL-2025-47215 Malicious code in @crowdstrike/falcon-shoelace (npm)

postinstall script executes bundle.js. bundle.js triggers unsignedbitwisemathexcess YARA rule. Suspicious behavior indicates malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 035c35169c1f3c6c939e3237ce0bb606645b05601db61892b5d54cbeea095b57 Any computer that h...

6.9AI score
Exploits0References8
OSV
OSV
added 2025/09/16 7:41 a.m.4 views

MAL-2025-47233 Malicious code in @crowdstrike/commitlint (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e58c63ca78f39890835120723ac0ab398dbaddb3018f3b640145685ab38cdd93 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References7
Snyk
Snyk
added 2025/09/15 7:39 a.m.3 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

9.8CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2025/09/15 7:39 a.m.2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

9.8CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2025/09/15 7:39 a.m.2 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

9.8CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2025/09/15 7:39 a.m.4 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

9.8CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2025/09/15 7:39 a.m.3 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

9.8CVSS7AI score
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/09/15 7:39 a.m.7 views

@crowdstrike/ember-toucan-core (>=0.3.0 <=0.4.6), @frontile/buttons (=0.18.0-alpha.5) +13 more potentially affected by unknown CVE via ember-velcro (=2.2.0)

ember-velcro NPM version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on ember-velcro and may be impacted: - @crowdstrike/ember-toucan-core =0.3.0, =0.17.0-alpha.0, =0.17.0, =0.17.0, =0.17.0, =9.4.0, =8.3.0, =0.1.0, =0.0.4, =0.17.0, =0.0.4, =0.0...

5.7AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/09/15 7:39 a.m.8 views

eslint-config-crowdstrike-node (=4.0.0-beta.2) potentially affected by unknown CVE via eslint-config-crowdstrike (=11.0.0-beta.0)

eslint-config-crowdstrike NPM version =11.0.0-beta.0 is affected by a known vulnerability. The following packages have a transitive dependency on eslint-config-crowdstrike and may be impacted: - eslint-config-crowdstrike-node =4.0.0-beta.2 Source cves: unknown CVE Source advisory:...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/09/15 7:39 a.m.11 views

@crowdstrike/ember-oss-docs (>=1.0.1 <=1.1.8) potentially affected by unknown CVE via ember-url-hash-polyfill (=1.0.11)

ember-url-hash-polyfill NPM version =1.0.11 is affected by a known vulnerability. The following packages have a transitive dependency on ember-url-hash-polyfill and may be impacted: - @crowdstrike/ember-oss-docs =1.0.1, =1.1.8 Source cves: unknown CVE Source advisory:...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/09/15 7:39 a.m.6 views

@crowdstrike/ember-toucan-styles (=3.0.1) potentially affected by unknown CVE via ember-browser-services (=5.0.1)

ember-browser-services NPM version =5.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on ember-browser-services and may be impacted: - @crowdstrike/ember-toucan-styles =3.0.1 Source cves: unknown CVE Source advisory: SNYK:JS-EMBERBROWSERSERVICES-12744...

5.8AI score
Exploits0
Rows per page
Query Builder