Malicious code in nuilva-vmiam-rbua (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 34e6ac2e88af9d360c884b30a022c28539fd411bdcb65edd462b5e24697a536a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in tania-kue75-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7fc91b4aea1b412b530b1afcc4c6da14a06d8e91be12ed127135cbca0eb935a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in yanti-rujak21-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5cfe76d3a8d4e09dc92f8a8b83c888a76b8170e2911ae36be8fb80aa70260ec2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-89127 Malicious code in ogi-soto8-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d611cf3484d076fa9e5ff40c4e408e23ffeb5eaff5812f51518ee27a8d02a4f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ocha-lapis84-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7a6b45b53c812e5ec3f48fdb8656f3bcd8c0b086eae431d96ed6add2a2ae969 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

K000139141: liblzma vulnerability CVE-2024-3094

Security Advisory Description Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used t...

PT-2022-3119 · Oracle +11 · Java Se +13

Name of the Vulnerable Software and Affected Versions: Oracle Java SE versions 7u331, 8u321, 11.0.14, 17.0.2, 18 Oracle GraalVM Enterprise Edition versions 20.3.5, 21.3.1, 22.0.0.2 Description: The issue is related to insufficient input validation in the JNDI component of the Oracle Java SE and...

CVE-2021-38453

Some API functions allow interaction with the registry, which includes reading values as well as data modification...

CVE-2011-5057

Apache Struts 2.3.1.2 and earlier, 2.3.19-2.3.23, provides interfaces that do not properly restrict access to collections such as the session and request collections, which might allow remote attackers to modify run-time data values via a crafted parameter to an application that implements an...