7762 matches found
MAL-2025-111915 Malicious code in fond_muskox_chocolate-58 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 649dad5cac7bc56e1f25e3554c7f2ff87bb38eed74035d9527da2f4f126ee498 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in gorgeous_landfowl-smiletea (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4dc3ae3c2ec3a338fd56767d0d7d3f40eed6fb7c95355c8ddd5cfc582a4ba541 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in surviving_gecko_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c304fb95e848ec64d057cd6b420e078efa74bd545e3f5abdd77305b794cd167 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in candra-dodol1-ruro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c89370177a218c952376d9c7b9ef34d2841a0c27e9764f96b732b94bfcd27127 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-96094 Malicious code in psychological_carp_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f728fe10040d29a22292f15dbc6fc19e87eda43d1dc6ecafb8179cdc6cc0dff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-91261 Malicious code in tuti-kembang40-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 17da342a6d147a3afc67aaeccc1c8027a7e6df927b12adebbb1fc003731492dc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-77688 Malicious code in dono-lapis83-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 051154938ca161b09a3ddb86eb118f6e3a04f72bf1c782401d93cf9f770b1ebe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-82418 Malicious code in written_cow_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5ebc2935536962c1547b15efe4cc0215c116561cd367b61403b52b0ac75f44c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-71827 Malicious code in ade-klipo26-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43cc1cdeafddf8c2dc5d096394bd3d57d953f0fb868cdef5c28b4130b2170c97 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
PT-2025-46412
Name of the Vulnerable Software and Affected Versions IntelR Distribution for Python versions prior to 2025.2.0 Description An uncontrolled search path issue exists in some IntelR Distribution for Python software installers. This may allow an unprivileged software adversary with an authenticated...
Intel Distribution for Python 代码问题漏洞
Intel Distribution for Python is a Python distribution optimized for Intel hardware from Intel Corporation USA. A code issue vulnerability exists in Intel Distribution for Python versions prior to 2025.2.0, which stems from an uncontrolled search path that could lead to elevation of privilege...
Intel® Distribution for Python Software Installer Advisory
Summary: A potential security vulnerability for some Intel® Distribution for Python software installers may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2025-30182 Description: Uncontrolled search pa...
MAL-2025-60684 Malicious code in inner_guan_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a077bfb5390086637f4be66d919d9d90a9a3535bf28a6c18478982389f0d7059 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in indah-lupis31-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37715c41f6c3e21336601fe5a92cd2fca7b1a6d6d8965fc3350405f501d2a7a4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-56072 Malicious code in equal_jaguar_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3d5a6c3c61954ad6c1a6f8e83378a99843d69a3a6fb0ec55e70f3d7fbd389b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-53028 Malicious code in joko-sego19-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e203f22b338c36808168b310f0d395e5c6f03d9352e0e0d93820eb03bd507dbc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Debian dsa-6050 : chromium - security update
The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6050 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6050-1 [email protected]...
EUVD-2025-38185
ThinkDashboard is a self-hosted bookmark dashboard built with Go and vanilla JavaScript. In versions 0.6.7 and below, an attacker can upload any file they wish to the /data directory of the web application via the backup import feature. When importing a backup, an attacker can first choose a .zip...
SUSE-SU-2025:3964-1 Security update for java-1_8_0-ibm
This update for java-180-ibm fixes the following issues: - CVE-2025-53057: Fixed an issue where an unauthenticated attacker can achieve unauthorized creation, deletion or modification access to critical data bsc1252414 - CVE-2025-53066: Fixed an issue where an unauthenticated attacker can achieve...
PT-2025-45378
Name of the Vulnerable Software and Affected Versions ThinkDashboard versions 0.6.7 and below Description ThinkDashboard, a self-hosted bookmark dashboard built with Go and vanilla JavaScript, has an issue where an attacker can upload arbitrary files to the '/data' directory of the web applicatio...