361 matches found
CVE-2023-31543
A dependency confusion in pipreqs v0.3.0 to v0.4.11 allows attackers to execute arbitrary code via uploading a crafted PyPI package to the chosen repository server...
Type confusion
A dependency confusion in pipreqs v0.3.0 to v0.4.11 allows attackers to execute arbitrary code via uploading a crafted PyPI package to the chosen repository server...
CVE-2023-31543
A dependency confusion in pipreqs v0.3.0 to v0.4.11 allows attackers to execute arbitrary code via uploading a crafted PyPI package to the chosen repository server...
CVE-2023-31543
A dependency confusion in pipreqs v0.3.0 to v0.4.11 allows attackers to execute arbitrary code via uploading a crafted PyPI package to the chosen repository server...
aigc-evals (>=0.0.2 <=0.0.3), apache-airflow-providers-snowflake (>=2.4.0 <=2.5.1rc1) +103 more potentially affected by CVE-2023-34233 via snowflake-connector-python (>=1.7.11 <=3.0.0)
snowflake-connector-python PYPI version =1.7.11, =0.0.2, =2.4.0, =0.0.4, =0.1.0, =1.13.21, =20230717.1.0, =0.5.83, =0.1.0, =0.4.0, =0.5.1, =1.0.5, =1.0.6 - dataligo =0.6.1 and more Source cves: CVE-2023-34233 Source advisory: OSV:GHSA-5W5M-PFW9-C8FP...
Apache HTTP Server via mod_proxy_uwsgi HTTP response smuggling
HTTP Response Smuggling vulnerability in Apache HTTP Server via modproxyuwsgi. This issue affects Apache HTTP Server from 2.4.30 through 2.4.55 and the uWSGI PyPI package prior to version 2.0.22. Special characters in the origin response header can truncate/split the response forwarded to the...
Malicious code in esqtoolultralgtb (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx e334c63529e9806a1f2260cf2dc843c734ca2b1ad96f7270af5283a0d9e3b2c0 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
MAL-2023-4500 Malicious code in libsplitrandomencode (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 6263092888bd2ce8b8e6825d2bd9be218f8025772ed0cb8e0b5d50936cbdefaa EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
MAL-2023-5561 Malicious code in py-randcpustr (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx d267a67563dcd3a2e4fb46858e2769518aca4b257f95bf0c333d2648711bd0ee EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
MAL-2023-2814 Malicious code in esqcraftremc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 37242320195526775b5312603a837b8e987348677ea211c3c15dd45ddfca50b3 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
MAL-2023-5429 Malicious code in py-pingencodeencode (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 5e25e0d835bb0ed3cca36de3204ce042d55271d94e424cff8403845342e90554 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in tprandompullpull (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9e02c5ac3b306660f081b437467b7d2a52fc32a04e7d67f5ad0dd0f668d66d3c EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in py-rampaypalint (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 1a6652403eaff5274d2622c5106d73357cf6418aca7174846731697a8354be92 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in tpmaskpullmine (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 2274feda883bad585e645b3e8f715e14934ec11f04b075a52e12041e8125f871 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
MAL-2023-3235 Malicious code in esqpostmaskre (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 3536f0d62242eba59bd928e7ca7ea6e0ecd9b665d866fb16eebc860c40a59c44 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in libpingrandomad (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 4225bb6907f07e0f81d0514cf4b1403479be36f2eea791ed455e498d07453e95 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in selfpongminehacked (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 9c2060b33a5ebf65217d50cd8da507fad2a4b9de41e5ac2ae25e9ad0a6211b63 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in liburlcontrolpull (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 4c3cb13567a94742c04db2f6e291f793e2f9eec22b66ce99503c80905d5ff204 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in selfvirtualcontrolultra (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 255eb2423526bb6491e4902041d0a38fb5d27f4f715fb4dd5e6d197dec08d52f EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...
Malicious code in selfpaypalencodeget (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 6a61b2dda37fe10eb7bfdc9ff5a178de182b7fd0132887d41db45bcb95f854e1 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...