Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

964 matches found

OSV
OSVadded 2024/01/22 4:29 p.m.13 views

MAL-2024-150 Malicious code in orchidnet-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0dd6961cefb46152dbb4b21adeb369408e08c40551592284dd3789c650000d08 The OpenSSF Package Analysis project identified 'orchidnet-web' @ 9.1.1 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
OSV
OSVadded 2024/01/22 4:18 p.m.6 views

MAL-2024-148 Malicious code in cagov-template-v6 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a3e81e15d59085cf12a3a46a1dc253df8e81c9ff8756d76f8ab9db14b82caab8 The OpenSSF Package Analysis project identified 'cagov-template-v6' @ 9.1.1 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
OSV
OSVadded 2024/01/21 1:19 p.m.12 views

MAL-2024-136 Malicious code in librct (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e1f5f02ff35835e34a22c3e1381a0888b755d52334e14e61160dff3b9ec4e08b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2AI score
Exploits0References1
OSV
OSVadded 2024/01/16 11:40 p.m.11 views

MAL-2024-130 Malicious code in noblox.js-proxy-server (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2b3d7766d2ada5a6d17ae9ae430365649d4034341202ba6fc6a07a0ab6a553fb The OpenSSF Package Analysis project identified 'noblox.js-proxy-server' @ 4.15.1 npm as malicious. It is considered malicious because: - The...

7.1AI score
Exploits0
OSV
OSVadded 2024/01/15 9:25 p.m.13 views

MAL-2024-102 Malicious code in testing-burp-library-please-ignore (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 2249726c84e729bde202820bcc2ac6cdfaec65115b09e7505b33a51158988aad The OpenSSF Package Analysis project identified 'testing-burp-library-please-ignore' @ 1.0.0 npm as malicious. It is considered malicious becaus...

7.1AI score
Exploits0
OSV
OSVadded 2024/01/14 6:59 p.m.8 views

MAL-2024-92 Malicious code in wdpr-device-detection (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0e68ddd57d0cced6084c7770f4e48230e223d896f927b8952e4cf5d05caa721f The OpenSSF Package Analysis project identified 'wdpr-device-detection' @ 24.7.16 npm as malicious. It is considered malicious because: - The...

7.1AI score
Exploits0
OSV
OSVadded 2024/01/14 6:59 p.m.8 views

MAL-2024-96 Malicious code in wdpr-node-http-error-handler (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4afec8bd883f6042f7047f6b0d29cd37d57ef2e6f179a717a0ee7bbf44a16fe8 The OpenSSF Package Analysis project identified 'wdpr-node-http-error-handler' @ 16.1.1 npm as malicious. It is considered malicious because: -...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/01/13 8:46 p.m.2 views

Malicious code in synology-cft (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ce8d0a13d9faee23cc5fc3a8ad9842e1ac0678ba3fd10d0bd453006cb82a88a7 The OpenSSF Package Analysis project identified 'synology-cft' @ 10.0.0 npm as malicious. It is considered malicious because: - The package...

6.9AI score
Exploits0
OSV
OSVadded 2024/01/13 4:29 a.m.22 views

MAL-2024-86 Malicious code in shoponline.epiroc.com (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0af86d9c1fc83f25835c1b437a93a6a278c5bcb1cfd811a0892fc93af187d0a4 The OpenSSF Package Analysis project identified 'shoponline.epiroc.com' @ 1.0.1 npm as malicious. It is considered malicious because: - The...

7.1AI score
Exploits0
OSV
OSVadded 2024/01/10 6:43 p.m.5 views

MAL-2024-60 Malicious code in @neogov/linkanx (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 133eddd55383f57d0ee29c0a3eb7343b9118e95d6c54ab71bb75aa457dd5d2d0 The OpenSSF Package Analysis project identified '@neogov/linkanx' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

7.4AI score
Exploits0
OSV
OSVadded 2024/01/09 11:22 a.m.16 views

MAL-2024-52 Malicious code in onetake (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 52bec93f09b5dc6085214609ef35d8aaf2346d6e50e6a12e5304e16aa3493ae2 The OpenSSF Package Analysis project identified 'onetake' @ 1.1.30 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/01/08 8:4 p.m.3 views

Malicious code in demo-store (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7ee37cdc93b14e892899627c645c7fd80fcc18ea968522ffa87ed65ddcb5061b The OpenSSF Package Analysis project identified 'demo-store' @ 4.99.99 npm as malicious. It is considered malicious because: - The package...

6.9AI score
Exploits0
OSV
OSVadded 2024/01/01 12:33 p.m.11 views

MAL-2024-2 Malicious code in @cartus-core/cartus-common-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 00ecedfab923e26d9afa1c15157b18d4f9662f062ffec7f4ce93ece0426eeeda The OpenSSF Package Analysis project identified '@cartus-core/cartus-common-ui' @ 11230000951.0.1 npm as malicious. It is considered malicious...

7.3AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/01/01 12:40 a.m.4 views

Malicious code in squaredev-next-online-payments-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c12aadbc7b6d08bd4746e705c7507074eb759ac60f260bdf9a59cd85d966a45b The OpenSSF Package Analysis project identified 'squaredev-next-online-payments-example' @ 99.0.0 npm as malicious. It is considered malicious...

6.9AI score
Exploits0
OSV
OSVadded 2023/12/29 5:55 a.m.9 views

MAL-2023-8762 Malicious code in tsrcrcetest1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 81236969e1e7e6ddfdffe293e1d918b357ce193fc362e722a7b75bce480e1bbb The OpenSSF Package Analysis project identified 'tsrcrcetest1' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

7.4AI score
Exploits0
OSV
OSVadded 2023/12/26 1:44 p.m.13 views

MAL-2023-8744 Malicious code in formated (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 469915f0cc096d71a5ad3349a9e1203ffbdbd158fcb529c064aca57d2dce22e8 The OpenSSF Package Analysis project identified 'formated' @ 0.1.0 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
OSV
OSVadded 2023/12/25 8:50 p.m.15 views

MAL-2023-8768 Malicious code in newpackagetest2028 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3f8a309179fb8daa3b3ff1d8a250fe566f5d138ab913e435928491185de07f1c Packages either test the malicious behaviour, or actually download and run a simple remote script during the installation. --- Category: PROBABLYPENTEST -...

7.6AI score
Exploits0References1
OSV
OSVadded 2023/12/24 12:12 p.m.12 views

MAL-2023-8752 Malicious code in discord.js-self-v21 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c7ff51b0a254299fbcba44e692ad912d759a48d835ffcb10759424392b1debdd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSVadded 2023/12/22 6:49 p.m.12 views

MAL-2023-8737 Malicious code in riskex (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 221585b9da0150b32bdbd437dbe0b91deb53f4974b219b2215d642e2565439e9 The OpenSSF Package Analysis project identified 'riskex' @ 0.1.0 npm as malicious. It is considered malicious because: - The package communicate...

7.1AI score
Exploits0
OSV
OSVadded 2023/12/22 12:35 p.m.11 views

MAL-2023-8734 Malicious code in next-id-doc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 78b8ec553ac410688ce195e0361743232f4c5c356df00d5dfb465da50060f8eb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Rows per page
Query Builder