Lucene search
K

105 matches found

EUVD
EUVD
added 2026/06/26 12:32 a.m.4 views

EUVD-2021-34853

Parse Server before 4.10.0 was affected by a supply chain incident in which incorrect version tags were pushed to the official repository pointing to an unreviewed personal fork of a contributor with write access. No releases were published with these tags; a project was exposed only if it define...

7.7CVSS5.9AI score0.0012EPSS
Exploits0References3
Snyk
Snyk
added 2026/06/03 9:0 p.m.10 views

Malicious Package

Overview chai-as-json is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.5AI score
Exploits0References2
Snyk
Snyk
added 2026/06/03 9:0 p.m.7 views

Malicious Package

Overview react-pinojs is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.5AI score
Exploits0References2
Snyk
Snyk
added 2026/05/04 3:2 a.m.6 views

Malicious Package

Overview @ozon-complt/split is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/01 12:3 a.m.99 views

exploitdb

The Exploit Database Git Repository This is an official repos...

5.7AI score
Exploits0
Snyk
Snyk
added 2026/04/24 5:2 a.m.5 views

Malicious Package

Overview envexpress is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/03/27 12:51 a.m.4 views

Malicious Package

Overview shop-republik-ch is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/03/20 4:45 a.m.7 views

Malicious Package

Overview fadlsjf is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/10 9:32 a.m.2 views

Malicious Package

Overview @openclaw-ai/openclawai is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
added 2026/03/06 7:14 a.m.4 views

Malicious Package

Overview epam-cdisc-electron is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/03/05 12:16 a.m.9 views

eml_parser: Path Traversal in Official Example Script Leads to Arbitrary File Write

Summary The official example script examples/recursivelyextractattachments.py contains a path traversal vulnerability that allows arbitrary file write outside the intended output directory. Attachment filenames extracted from parsed emails are directly used to construct output file paths without...

5.5CVSS6.2AI score0.00237EPSS
Exploits1References5Affected Software1
Snyk
Snyk
added 2026/02/20 4:59 p.m.4 views

Malicious Package

Overview naniod is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.6AI score
Exploits0References2
Snyk
Snyk
added 2026/02/10 10:0 p.m.2 views

Malicious Package

Overview graphdict is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.5AI score
Exploits0References2
Snyk
Snyk
added 2026/01/28 7:50 a.m.9 views

Malicious Package

Overview converse-rn-lib is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/01/21 4:21 a.m.47 views

Malicious Package

Overview worldnormal is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

9.8CVSS5.5AI score
Exploits0References2
Snyk
Snyk
added 2026/01/08 6:11 a.m.1 views

Malicious Package

Overview chai-min is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2026/01/06 3:37 a.m.2 views

Malicious Package

Overview ent-file-upload-widget-v2 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/12/18 3:23 a.m.2 views

Malicious Package

Overview elf-stats-rooftop-hammer-580 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/12/16 10:32 p.m.3 views

Malicious Package

Overview testforyt7hb is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2025/12/16 10:32 p.m.4 views

Malicious Package

Overview privy-frames-drop is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score
Exploits0References2
Rows per page
Query Builder