Lucene search
+L

4484 matches found

OSV
OSV
added 2020/09/03 7:41 p.m.9 views

GHSA-4M3J-H8F2-4XH4 Malicious Package in coinstrig

All versions of this package contained malware. The package was designed to find and exfiltrate cryptocurrency wallets. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated...

9.1CVSS7AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2020/09/03 7:40 p.m.15 views

Malicious Package in crpyto-js

All versions of this package contained malware. The package was designed to find and exfiltrate cryptocurrency wallets. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be rotated...

3.4AI score
Exploits0References2Affected Software1
OSV
OSV
added 2020/09/03 7:20 p.m.7 views

GHSA-VM6V-W6Q2-MRRQ Malicious Package in bb-builder

All versions of bb-builder contained malicious code. The package ran an executable targeting Windows and uploaded information to a remote server. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that...

9.8CVSS6.9AI score
Exploits0References1
OSV
OSV
added 2020/09/03 6:22 p.m.8 views

GHSA-JF8X-WG7F-P3W8 Malicious Package in cage-js

All versions of cage-js contains malicious code. The malware downloads and runs a script from a remote server as a postinstall script. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should...

9.8CVSS7.1AI score
Exploits0References1
OSV
OSV
added 2020/09/03 6:3 p.m.9 views

GHSA-4HJG-W3WW-38C6 Malicious Package in tiar

All versions of tiar contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer...

9.8CVSS6.9AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2020/09/03 5:47 p.m.40 views

Malicious Package in secure_identity_login_module

All versions of secureidentityloginmodule contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored...

3.6AI score
Exploits0References2Affected Software1
OSV
OSV
added 2020/09/03 5:45 p.m.11 views

GHSA-J8HW-49GG-VQ3W Malicious Package in retcodelog

All versions of retcodelog contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that comput...

9.8CVSS6.9AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2020/09/03 5:43 p.m.16 views

Malicious Package in node-buc

All versions of node-buc contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer...

3.6AI score
Exploits0References2Affected Software1
OSV
OSV
added 2020/09/03 5:43 p.m.14 views

GHSA-X3M6-RPRW-862W Malicious Package in node-buc

All versions of node-buc contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer...

9.8CVSS6.9AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2020/09/03 5:41 p.m.18 views

Malicious Package in midway-xtpl

All versions of midway-xtpl contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that...

3.6AI score
Exploits0References2Affected Software1
OSV
OSV
added 2020/09/03 5:39 p.m.9 views

GHSA-QM4Q-F956-FG64 Malicious Package in luna-mock

All versions of luna-mock contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that compute...

9.8CVSS6.9AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2020/09/03 5:39 p.m.14 views

Malicious Package in luna-mock

All versions of luna-mock contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that compute...

3.6AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2020/09/03 5:38 p.m.22 views

Malicious Package in hpmm

All versions of hpmm contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer...

3.1AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2020/09/03 5:37 p.m.18 views

Malicious Package in cicada-render

All versions of cicada-render contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that...

3.6AI score
Exploits0References2Affected Software1
OSV
OSV
added 2020/09/03 5:37 p.m.11 views

GHSA-6M6M-J2HM-PXRG Malicious Package in cicada-render

All versions of cicada-render contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that...

9.8CVSS6.9AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2020/09/03 5:36 p.m.19 views

Malicious Package in diamond-clien

All versions of diamond-clien contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that...

3.6AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2020/09/03 5:33 p.m.24 views

Malicious Package in antd-cloud

All versions of antd-cloud contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that comput...

3.6AI score
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2020/09/03 5:32 p.m.28 views

Malicious Package in alipayjsapi

All versions of alipayjsapi contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that...

3AI score
Exploits0References2Affected Software1
OSV
OSV
added 2020/09/03 5:31 p.m.10 views

GHSA-JFX5-7MR2-G8HG Malicious Package in alico

All versions of alico contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer...

9.8CVSS6.9AI score
Exploits0References1
OSV
OSV
added 2020/09/03 5:29 p.m.9 views

GHSA-H3M2-H22H-695R Malicious Package in ali-contributor

All versions of ali-contributor contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that...

9.8CVSS6.9AI score
Exploits0References1
Rows per page
Query Builder