1152 matches found
EUVD-2025-123481
Malicious code in postgres-neptune-bootes-query npm...
EUVD-2025-123475
Malicious code in postgres-rest-fornax-enceladus npm...
Malicious code in postgres-pavo-tool-procyon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd2addda10f23ed7cb19188abda0a250d743d2adbdd413ab1c73bcc665ff6803 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-115913
Malicious code in build-sails-postgres-commitizen npm...
MAL-2025-146445 Malicious code in postgres-resolvers-luna-acamar (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11803c5a004b65527f2ef96e5f36fb752b13276d33c9bff1b5bc22b6479620db This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-145049 Malicious code in miranda-postgres-helios-package (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6b00b3d16da39e85a367558e438d72233d4d67d4b9e9c2633f5b22123e510552 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-143032 Malicious code in gravity-xenos-postgres-concurrently (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9928cc50e6689771dd7021790880d27ee8c24b1425bb75d7acd7ba4a3bd17331 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-140363 Malicious code in canopus-leda-postgres-cassini (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16592b4ce6c067b6870d21abaf030dffb146d291061175fd9639b09e183061f3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-143954 Malicious code in jovian-mocha-postgres-typeorm (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 933b00c6a74f6d2bd88e6379856703cfbbd465278b276af4693ce443f13ac429 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-146436 Malicious code in postgres-inquirer-octans-halley (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23cddb6832b76e91d97d935d0d9d8a7f26ee084ca8b89b9e2b9d0a4a080d35ca This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-115743
Malicious code in canopus-leda-postgres-cassini npm...
MAL-2025-146452 Malicious code in postgres-xerxes-changelog-corvus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0175d3df92c5f5ea2098b26de86bbb5dfcd75cad02a6e06b6ef549a7591cfcbc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-149776 Malicious code in yakutsk-postgres-tool-node-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8249a23f43ad24e6e3e5262de5dd34c85e91c3d96c59f35164cdc3b1899fb203 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-146710 Malicious code in proxima-configstore-postgres-altair (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 780dcbaec41c4e20250e39de2cf359cc95f8977765f504674d4df2184b60f365 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-146440 Malicious code in postgres-neptune-bootes-query (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfe1f7cc57e5378ad22e5eddec6f8f07092ecffa0c918b156ad32967ae2ea0d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-146432 Malicious code in postgres-geckodriver-less-loader-quark (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8e7ffe9e4024063c41783a941e17513fc2266685fa86e77704cddf053a63167 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-139189 Malicious code in acamar-update-postgres-standard (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4fb4db31769e06077155f89e26bad96142790087e079fa0db3fef030b6085eb6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
database/sql: Postgres Scan Race Condition
A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...
Important: Red Hat Security Advisory: podman security update
An update for podman is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
database/sql: Postgres Scan Race Condition
A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leadin...