664 matches found
MAL-2024-150 Malicious code in orchidnet-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0dd6961cefb46152dbb4b21adeb369408e08c40551592284dd3789c650000d08 The OpenSSF Package Analysis project identified 'orchidnet-web' @ 9.1.1 npm as malicious. It is considered malicious because: - The package...
MAL-2024-136 Malicious code in librct (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e1f5f02ff35835e34a22c3e1381a0888b755d52334e14e61160dff3b9ec4e08b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-102 Malicious code in testing-burp-library-please-ignore (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2249726c84e729bde202820bcc2ac6cdfaec65115b09e7505b33a51158988aad The OpenSSF Package Analysis project identified 'testing-burp-library-please-ignore' @ 1.0.0 npm as malicious. It is considered malicious becaus...
MAL-2024-96 Malicious code in wdpr-node-http-error-handler (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4afec8bd883f6042f7047f6b0d29cd37d57ef2e6f179a717a0ee7bbf44a16fe8 The OpenSSF Package Analysis project identified 'wdpr-node-http-error-handler' @ 16.1.1 npm as malicious. It is considered malicious because: -...
MAL-2024-86 Malicious code in shoponline.epiroc.com (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0af86d9c1fc83f25835c1b437a93a6a278c5bcb1cfd811a0892fc93af187d0a4 The OpenSSF Package Analysis project identified 'shoponline.epiroc.com' @ 1.0.1 npm as malicious. It is considered malicious because: - The...
MAL-2024-52 Malicious code in onetake (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 52bec93f09b5dc6085214609ef35d8aaf2346d6e50e6a12e5304e16aa3493ae2 The OpenSSF Package Analysis project identified 'onetake' @ 1.1.30 npm as malicious. It is considered malicious because: - The package...
Malicious code in demo-store (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7ee37cdc93b14e892899627c645c7fd80fcc18ea968522ffa87ed65ddcb5061b The OpenSSF Package Analysis project identified 'demo-store' @ 4.99.99 npm as malicious. It is considered malicious because: - The package...
Malicious code in squaredev-next-online-payments-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c12aadbc7b6d08bd4746e705c7507074eb759ac60f260bdf9a59cd85d966a45b The OpenSSF Package Analysis project identified 'squaredev-next-online-payments-example' @ 99.0.0 npm as malicious. It is considered malicious...
MAL-2023-8762 Malicious code in tsrcrcetest1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 81236969e1e7e6ddfdffe293e1d918b357ce193fc362e722a7b75bce480e1bbb The OpenSSF Package Analysis project identified 'tsrcrcetest1' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2023-8744 Malicious code in formated (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 469915f0cc096d71a5ad3349a9e1203ffbdbd158fcb529c064aca57d2dce22e8 The OpenSSF Package Analysis project identified 'formated' @ 0.1.0 npm as malicious. It is considered malicious because: - The package...
MAL-2023-8768 Malicious code in newpackagetest2028 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3f8a309179fb8daa3b3ff1d8a250fe566f5d138ab913e435928491185de07f1c Packages either test the malicious behaviour, or actually download and run a simple remote script during the installation. --- Category: PROBABLYPENTEST -...
MAL-2023-8752 Malicious code in discord.js-self-v21 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c7ff51b0a254299fbcba44e692ad912d759a48d835ffcb10759424392b1debdd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8737 Malicious code in riskex (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 221585b9da0150b32bdbd437dbe0b91deb53f4974b219b2215d642e2565439e9 The OpenSSF Package Analysis project identified 'riskex' @ 0.1.0 npm as malicious. It is considered malicious because: - The package communicate...
MAL-2023-8734 Malicious code in next-id-doc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 78b8ec553ac410688ce195e0361743232f4c5c356df00d5dfb465da50060f8eb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8710 Malicious code in biobot (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e3b2c26ec52eb2c7fbc6aca147f99990d56fd9eb9c51517b6b3aa7f41755adb0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8694 Malicious code in twk-boilerplate-template (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7e55b9fb271d1d1fcc3ac27783bc95ed7cbce8762d35cd7f2635490e25b9263b The OpenSSF Package Analysis project identified 'twk-boilerplate-template' @ 1.0.1 npm as malicious. It is considered malicious because: - The...
MAL-2023-8693 Malicious code in katal-sellercentralhmdsupport (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8cdaad58325a54ebb6ba494e3d88fa6051937fe7092ef20c1f13db2c3fc8de54 The OpenSSF Package Analysis project identified 'katal-sellercentralhmdsupport' @ 70.0.0 npm as malicious. It is considered malicious because: -...
MAL-2023-8691 Malicious code in @dle-clo-bento-component/dist (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a652e8cb279a3db5d1420008c3f3fc8c11aab4463f7ed61925ca409f18066b19 The OpenSSF Package Analysis project identified '@dle-clo-bento-component/dist' @ 13.0.0 npm as malicious. It is considered malicious because: -...
MAL-2023-8687 Malicious code in rechtspraak.namenlijst (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 61558cb7df82b273048fac42068f7588594066bdc9e1aec2879d1cebaadedaea The OpenSSF Package Analysis project identified 'rechtspraak.namenlijst' @ 0.9.0 npm as malicious. It is considered malicious because: - The...
MAL-2023-8678 Malicious code in orchestrationdesk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d7c4b49b3a4dec106baa72132f15b7493b62457fa4f2bc0c4bf2ddfe83e58ea9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...