5842 matches found
MAL-2022-4785 Malicious code in native-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 89b5162a3b0e694963b12247772774451535a0374a380e9b49c9f03c0f84d383 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5695 Malicious code in reactnativeflipperexample (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 81e6ba4f44942fa14fd5ff545e81360f83be51c1a5c3db6213d58a1dd5db4db0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-7152 Malicious code in winston-pg-native (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c5ce4395f11e08aabe826bbeccb1004202503971e7d29e5d42730ce51f7f44b3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in winston-pg-native (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c5ce4395f11e08aabe826bbeccb1004202503971e7d29e5d42730ce51f7f44b3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5694 Malicious code in reactnativecreativekitdemo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c9df02b1d5ac89185ad46b3a7d16723f9742202f03ba8b21bb5b446d784e34be Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in zoom-sdk-native-addon (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6c46adede333f871f84adfafa02883ac6822b07a6f9e68d0b577ec5787d1f7d4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-7412 Malicious code in zoom-sdk-native-addon (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6c46adede333f871f84adfafa02883ac6822b07a6f9e68d0b577ec5787d1f7d4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in react-native-fido-login-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 333cc71217332de2d346b777b7500a8c0699622b3e7a9320767404a40523359f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5657 Malicious code in react-native-fido-login-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 333cc71217332de2d346b777b7500a8c0699622b3e7a9320767404a40523359f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in url-parser-native (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f9b288704fb7ef9f7e3c52cb6d93f33ce2a44c0a9c2ba95678720f0156a23ebf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in orion-react-native (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 83219301e473e409aea2a45d605dabed29dc41a4c86319f3cdf8fcfeb2699797 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5122 Malicious code in orion-react-native (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 83219301e473e409aea2a45d605dabed29dc41a4c86319f3cdf8fcfeb2699797 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6332 Malicious code in stripe-identity-react-native (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b5745048e2b6cbb598d400a01404828533cdfe3202554f269418b9a1b12205e6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in react-native-performance-monorepo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3ded0350b24cbe32a5196823e9dcc031159dd2d1e92e43a50e98c74710535f50 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-5658 Malicious code in react-native-performance-monorepo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3ded0350b24cbe32a5196823e9dcc031159dd2d1e92e43a50e98c74710535f50 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3863 Malicious code in intercom-react-native-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f1fcd283f1ce396af81c959bb56b8fd32a56f22617596e78bebdaf08d500a1b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in dd-sdk-reactnative-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 43af4d12510523dde9f54d71b7b01cf7331b60e5cb78a8bfeb59e6d733b0bb53 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-3864 Malicious code in intercom-react-native.podspec (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f7abac0d25d94aaefe28f345fed96e1b39bc48cf2a461e080bc7932439219bfd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Wrong implementation of rescueETH, causing the fees in native tokens to be frozen in the contract
Lines of code Vulnerability details /// @dev used for rescuing exchange fees paid to the contract in ETH function rescueETHaddress destination external payable onlyOwner bool sent, = destination.callvalue: msg.value''; requiresent, 'failed'; Recommendation Change to: /// @dev used for rescuing...
GHSA-J32J-2HXV-RQF7 pg-native and libpq vulnerable to uncontrolled resource consumption
pg-native before 3.0.1 and libpq before 1.8.10 are vulnerable to Denial of Service DoS when the addons attempt to cast the second argument to an array and fail. This happens for every non-array argument passed. Note: pg-native is a mere binding to npm's libpq library, which in turn has the addons...