Lucene search
K

1685 matches found

OSV
OSV
added 2026/05/02 3:40 a.m.7 views

MAL-2026-3230 Malicious code in currenttimerpy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ccd5c81889e68b6ae8a0e8ef90b7c3a4dc447b08872ad6ac48ce94804985379d During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSV
OSV
added 2026/05/01 8:0 p.m.8 views

MAL-2026-3217 Malicious code in aocl-sparse (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2f6149e96819a7800ef567eb459fdf9fc6cfc6ba1e6458c8e29e3aa7a50a8968 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/01 7:32 p.m.9 views

Malicious code in my-pipeline-watcher-poc (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 78f513e5eabf5ee549e85154e86f71885e76bb0052ec815bbbb8c090bb2cf2b1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/04/30 9:6 p.m.8 views

MAL-2026-3205 Malicious code in doisomgcxog (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 78d6a043bbe150c65e0a3e7e56c69f1ff32171b70a684d512c87a2bfe0baf0b5 During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSV
OSV
added 2026/04/29 3:33 p.m.6 views

MAL-2026-3175 Malicious code in bbranger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9cb5c90bcde5bf7b63607d4bf5e7be1ccb7b5c9eb2eb92e32dab102be5df3687 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
OSV
OSV
added 2026/04/28 9:29 p.m.7 views

MAL-2026-3136 Malicious code in timestamp-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d48be8ff856b19622d8bc8417db82b8752c41fb88aec5cd89d04bbee1bc729ef During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/28 9:29 p.m.10 views

Malicious code in timestamp-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d48be8ff856b19622d8bc8417db82b8752c41fb88aec5cd89d04bbee1bc729ef During import, the package automatically downloads and executes code that first acts as an infostealer and then starts code acting as a RAT. It connects with a...

6AI score
Exploits0References1
OSV
OSV
added 2026/04/28 4:14 p.m.7 views

MAL-2026-3130 Malicious code in genmedia-izumi-agent (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6afd24d0d974a2b6b82c9aa120945d1c531a3ea17e81bbdf526890f2f0e18905 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
OSV
OSV
added 2026/04/28 2:22 p.m.6 views

CLSA-2026-1777386117 Fix CVE(s): CVE-2026-33412

SECURITY UPDATE: Command injection via newline in glob on Unix-like systems - debian/patches/CVE-2026-33412.patch: add '\n' to the SHELLSPECIAL macro in src/osunix.c so mchexpandwildcards escapes embedded newlines before passing the glob pattern to the shell - CVE-2026-33412...

7.3CVSS5.8AI score0.00834EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/27 5:17 a.m.9 views

Malicious code in byteclaw (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3fe21c4a32b814a0b46b75a26033bae1f40e1caa237e394842aff14639b7aaec Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.5AI score
Exploits0References1
NVD
NVD
added 2026/04/27 12:16 a.m.7 views

CVE-2026-42363

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...

9.3CVSS0.00186EPSS
Exploits0References2
Fedora
Fedora
added 2026/04/25 1:58 a.m.13 views

[SECURITY] Fedora 44 Update: cups-2.4.17-1.fc44

CUPS printing system provides a portable printing layer for UNIX=C2=AE operating systems. It has been developed by Apple Inc. to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces...

7.8CVSS5.5AI score0.00502EPSS
Exploits7
Debian CVE
Debian CVE
added 2026/04/24 4:54 p.m.4 views

CVE-2026-41079

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to 2.4.17, a network-adjacent attacker can send a crafted SNMP response to the CUPS SNMP backend that causes an out-of-bounds read of up to 176 bytes past a stack buffer. The leaked memory i...

5.4CVSS5.3AI score0.00409EPSS
Exploits1
CVE
CVE
added 2026/04/22 3:40 a.m.7 views

CVE-2026-6835

CVE-2026-6835 concerns the a+HCM product developed by aEnrich, which is vulnerable to an Arbitrary File Upload . The issue allows unauthenticated remote attackers to upload arbitrary files to arbitrary paths, including HTML documents, creating a potential XSS-like effect . The available sources c...

6.1CVSS5.9AI score0.00208EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/22 3:40 a.m.30 views

CVE-2026-6835 aEnrich|a+HCM - Arbitrary File Upload

The a+HCM developed by aEnrich has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload arbitrary files to any path, including HTML documents, which may result in a XSS-like effect...

6.1CVSS0.00208EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.9 views

PT-2026-36880

Name of the Vulnerable Software and Affected Versions OpenC3 COSMOS versions prior to 7.0.0 Description The Command Sender UI uses an unsafe eval function on array-like command parameters. This allows a user-supplied payload to execute in the browser when sending a command, creating a self-XSS...

4.6CVSS6.1AI score0.002EPSS
Exploits1References8
ATTACKERKB
ATTACKERKB
added 2026/04/21 10:14 p.m.7 views

CVE-2026-40928

WWBN AVideo is an open source video platform. In versions 29.0 and prior, multiple AVideo JSON endpoints under objects/ accept state-changing requests via $REQUEST/$GET and persist changes tied to the caller's session user, without any anti-CSRF token, origin check, or referer check. A malicious...

5.4CVSS5.7AI score0.00115EPSS
Exploits1References3Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/21 11:15 a.m.7 views

Malicious code in build-metadata-logger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 be01b550f3d8914aa6bd8659c9a410054e4e0bf9203d33e93478eb444e957b55 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/20 8:47 p.m.7 views

Malicious code in cycode-dev (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 af035661f0964977015279eeceb2e380bf8b525463d4a099d85eab7b4ea8a71b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/04/20 8:47 p.m.7 views

MAL-2026-2957 Malicious code in cycode-dev (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 af035661f0964977015279eeceb2e380bf8b525463d4a099d85eab7b4ea8a71b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.9AI score
Exploits0References1
Rows per page
Query Builder