Lucene search
K

2020 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added yesterday5 views

Malicious code in @gleamkit/engine.io (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 008464ca4d7ba15b4b8c6d3a979586c61bd527aef3a209571d28c0ba912403ae The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday6 views

Malicious code in abuden224 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4b6da7762075dee890b0878af8420637eed76f394f658992c5e10454e09e1e2 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday5 views

Malicious code in abuden226 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8a4986d9e75be69083a7905e5ef5e4558e17fe8b9f15777a9cd692c882b9d6b The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday6 views

Malicious code in abuden222 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c141ada78ccdede0bb49a76d998fcf07eb4cc60c58cce5fdc1b5933b85a817d The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday5 views

Malicious code in ishowfeet20 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57470f610cd7e988daef50a3a2587778f3dce2cb1584572d4a1795876f9cf6fe The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday4 views

Malicious code in ishowfeet2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33cbeb0130c1ef8842cc7d912f9d12b756efd200949266a3232a83cbfd2cdce4 The tarball ships auto-publish.sh, a script that republishes the same payload under 100 distinct npm names ishowfeet1-ishowfeet20, nottuff1-nottuff30...

6.2AI score
Exploits0References4
OSV
OSV
added yesterday2 views

MAL-2026-10296 Malicious code in bomboclatwallahi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55a7d4f08c0c79c42f9938a1c11d3d6828907fb309e582faf38065bbd04f5149 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday4 views

Malicious code in changiairportpromax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13ab194f6c4e1d4197856c229f74ebf46e7eb90ff703ff4dc3172379aea96923 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday8 views

Malicious code in @jplopezy/connectivity-test-do-not-install (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94a8451d9e6d0f50b066cc79da664b4ec909dc1fb835c39f938b5a58dd9f8ad5 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

6.1AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 5 days ago10 views

Malicious code in txs-builder-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55bb13d76ebc74c36f68dd219079500d0bdb60e4bc07f8089eefbcde91bbdeac The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 6 days ago11 views

Malicious code in na-rony (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 193f3dbfb6073e7b6c5dacb0e79157ccac9c69ac4c23d2c8270cc23d27cab699 package.json declares postinstall: node index.js, causing index.js to execute automatically on npm install. The script collects the installer's OS...

6AI score
Exploits0References5
Cvelist
Cvelist
added 2026/07/07 1:2 p.m.37 views

CVE-2026-53481

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper limitation of a pathname to a restricted directory 'Path...

9.8CVSS0.00632EPSS
Exploits0References1
CVE
CVE
added 2026/07/07 1:2 p.m.18 views

CVE-2026-53481

Dell PowerProtect Data Domain is affected by a Path Traversal vulnerability (CVE-2026-53481) in versions 7.7.1.0–8.7, including LTS2026 (8.6.1.0–8.6.1.10), LTS2025 (8.3.1.0–8.3.1.30), and LTS2024 (7.13.1.0–7.13.1.70). An unauthenticated, remotely accessible attacker could exploit this to gain una...

9.8CVSS6AI score0.00632EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/07/07 12:57 p.m.21 views

CVE-2026-53483

Dell PowerProtect Data Domain is affected (versions 7.7.1.0–8.7; LTS2026 8.6.1.0–8.6.1.10; LTS2025 8.3.1.0–8.3.1.30; LTS2024 7.13.1.0–7.13.1.70) by an improper authentication vulnerability. An unauthenticated attacker with remote access could exploit this to gain unauthorized access and take comp...

9.8CVSS6.1AI score0.00625EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.20 views

PT-2026-56187

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7 Dell PowerProtect Data Domain versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data Domain versions 7.13.1.0 through...

9.8CVSS6.1AI score0.00625EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/07/07 12:0 a.m.10 views

PT-2026-56186

Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain versions 7.7.1.0 through 8.7 Dell PowerProtect Data Domain versions 8.6.1.0 through 8.6.1.10 Dell PowerProtect Data Domain versions 8.3.1.0 through 8.3.1.30 Dell PowerProtect Data Domain versions 7.13.1.0 through...

9.8CVSS6.1AI score0.00632EPSS
Exploits0References5
OSV
OSV
added 2026/07/06 7:0 p.m.4 views

MAL-2026-6902 Malicious code in wime-zle (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a3e5a49f13ac5ae3e92267b63357dc81d37b138ed5981949b12e51a09095e2b0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/06 6:58 p.m.6 views

Malicious code in tracing-str (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 466143b5f195d4924e2227921a288954ecec9ed34d52af8ff433056f5ff56903 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/06 6:58 p.m.8 views

Malicious code in stacknova (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4eea780e4546d725f38c35c635625e60354e7f48a79c1fcbe76f87e2498d9ce4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/06 6:53 p.m.7 views

Malicious code in metrica-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6a0ee3435b3bf0949e63f6770b91c6bb1e2d7912054dc1cb9382e3eae20c84ac Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
Rows per page
Query Builder