257 matches found
CVE-2025-64720
creationtimestamp| type| source ---|---|--- 2025-11-22 00:33:44+00:00| seen| https://seclists.org/oss-sec/2025/q4/204 2025-11-22 01:59:06+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3m66p54ip7t2h 2025-11-22 02:34:48+00:00| seen|...
MAL-2025-190595 Malicious code in @ra-ide/st-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49ae7d07061ce406d972052f23649e631bb22f724cd85c8ab0c73b18689ecb36 The package @ra-ide/st-frontend was found to contain malicious code. Source: ossf-package-analysis...
CVE-2025-61661
creationtimestamp| type| source ---|---|--- 2025-11-18 18:38:59+00:00| seen| https://seclists.org/oss-sec/2025/q4/198 2025-11-18 21:58:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m5wqbwr4cr2w 2026-03-19 00:00:00+00:00| seen|...
EUVD-2025-144229
Malicious code in verts-otimo-nag npm...
GHSA-MGRM-G92Q-F8H8
creationtimestamp| type| source ---|---|--- 2025-11-11 17:50:55+00:00| seen| https://seclists.org/oss-sec/2025/q4/164...
MAL-2025-138579 Malicious code in warnermedia-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 235c7d43006e41c31c3b06069239c483934cee515a1f489c55e698fdf994909e The OpenSSF Package Analysis project identified 'warnermedia-test' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
CVE-2025-64458
creationtimestamp| type| source ---|---|--- 2025-11-05 14:33:40+00:00| seen| https://seclists.org/oss-sec/2025/q4/147 2025-11-05 16:48:18+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3m4vivmdsys2h 2025-11-05 20:08:20+00:00| seen|...
CVE-2025-52565
creationtimestamp| type| source ---|---|--- 2025-11-05 08:57:06+00:00| seen| https://seclists.org/oss-sec/2025/q4/138 2025-11-05 10:35:36+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3m4uu364gd32h 2025-11-05 14:59:52+00:00| seen|...
CVE-2025-12207
creationtimestamp| type| source ---|---|--- 2025-10-27 19:03:44+00:00| seen| https://seclists.org/oss-sec/2025/q4/79 2025-11-04 17:03:45+00:00| seen| https://seclists.org/oss-sec/2025/q4/132...
CVE-2025-12205
creationtimestamp| type| source ---|---|--- 2025-10-27 19:03:44+00:00| seen| https://seclists.org/oss-sec/2025/q4/79...
CVE-2025-12204
creationtimestamp| type| source ---|---|--- 2025-10-27 19:03:44+00:00| seen| https://seclists.org/oss-sec/2025/q4/79...
CVE-2025-61795
creationtimestamp| type| source ---|---|--- 2025-10-27 18:13:45+00:00| seen| https://seclists.org/oss-sec/2025/q4/77 2025-10-27 19:02:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m4747uh2g32p 2025-10-27 19:33:15+00:00| seen|...
CVE-2025-12198
Last updated 29 October 2025 Notes mdeslaur This issue requires replacing the root-owned configuration file. See https://www.openwall.com/lists/oss-security/2025/10/27/1 This CVE is likely to be rejected. Marking as deferred for now...
Malicious code in doppler-secrets-fetch-github-action (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 15ae1d785262a986eb630a24e7abcd16bd4c799262e11059e5911a40f184ee5c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-58148
creationtimestamp| type| source ---|---|--- 2025-10-21 10:02:37+00:00| seen| https://seclists.org/oss-sec/2025/q4/65 2025-10-21 12:35:52+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3m3pdsf3t522b...
Malicious code in analytics-data-collection-fe (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9c5655e480e57af4b115f0660b3e96f7412f5d95816cd49858611d28761ea501 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-62228
creationtimestamp| type| source ---|---|--- 2025-10-09 13:48:50+00:00| seen| https://seclists.org/oss-sec/2025/q4/20...
Allstar 信任管理问题漏洞
Allstar is an Open Source Security Foundation open source security policy software. A trust management issue vulnerability exists in Allstar versions prior to 4.5, which stems from the Reviewbot component using a hard-coded shared key to validate an inbound webhook request, which could lead to a...
EUVD-2008-0927
Malware in sbrugna...
EUVD-2008-0926
Malware in sbrugna...