10271 matches found
PT-2025-32302
Name of the Vulnerable Software and Affected Versions uv versions 0.8.5 and earlier Description uv is a Python package and project manager written in Rust. Versions 0.8.5 and earlier handled remote ZIP archives in a streamwise fashion without reconciling file entries against the archive’s central...
MAL-2025-6794 Malicious code in num2words (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 36822c42f7e862f29cef9734efec9a9a9cc44a80e619e954dd25c12239d15767 The num2words project was compromised via a phishing attack and two new versions were uploaded to PyPI containing malicious code...
MAL-2025-191690 Malicious code in bh-25-req-ase (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 ddd759ada90b89401904e23b4e8cbe6a3021baf3c34495150b4a713ca7063be0 If run, the package exfiltrates AWS credentials. Though it's described as test, the exfiltration really happens --- Category: MALICIOUS - The campaign has...
Malicious code in thisisthedaventestz (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d5f510bfda1aeb6999f77b06597e760e13d4058dab2a7f8620bf8c561db5d39c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
num2words subjected to phishing attack, two versions published containing malware
The num2words project was compromised via a phishing attack and two new versions were uploaded to PyPI containing malicious code. The affected versions have been removed from PyPI, and users are advised to remove the affected versions from their environments...
GHSA-JXR6-QRXX-2PH2 num2words subjected to phishing attack, two versions published containing malware
The num2words project was compromised via a phishing attack and two new versions were uploaded to PyPI containing malicious code. The affected versions have been removed from PyPI, and users are advised to remove the affected versions from their environments...
MAL-2025-6626 Malicious code in zlsrc (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6625 Malicious code in zlapp (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6612 Malicious code in utils-wallet (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6611 Malicious code in tulipgui-python (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6602 Malicious code in torchao-nightly (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6601 Malicious code in thoughtspot-rest-api-sdk (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6599 Malicious code in terraform-binary-wheel (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6595 Malicious code in spokeoapi (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6593 Malicious code in spl-transpiler (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6592 Malicious code in sparsify-nightly (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6591 Malicious code in sparsezoo-nightly (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6590 Malicious code in sparseml-nightly (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6589 Malicious code in solidity-coverage (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-6587 Malicious code in sodha (PyPI)
--- -= Per source details. Do not edit below this line.=-...