Lucene search
K

2293 matches found

OSV
OSV
added 2024/10/07 5:38 p.m.4 views

MAL-2024-9261 Malicious code in ws-api-typescript-websocket-hooks (npm)

The package contains code to exfiltrate local machine information to a remote server over DNS. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6241b41ae78615002b8b7670ca4926a95d9cdc39cdc814b7ed794226bc5f7014 Any computer that has this package installed or running...

7AI score
Exploits0References1
OSV
OSV
added 2024/10/07 5:38 p.m.7 views

MAL-2024-9260 Malicious code in ws-api-typescript-infra (npm)

The package contains code to exfiltrate local machine information to a remote server over DNS. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 307f2e541390b49f3169786119b7f694fa2a2da04848f23037e9e101c4cefa85 Any computer that has this package installed or running...

7AI score
Exploits0References1
Snyk
Snyk
added 2024/10/02 12:28 p.m.2 views

Malicious Package

Overview redis-examples is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection between that...

9.8CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2024/10/02 12:28 p.m.1 views

Malicious Package

Overview openai-bun-test is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection between that...

9.8CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2024/10/02 12:28 p.m.3 views

Malicious Package

Overview redis-examples is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection between that...

9.8CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2024/10/02 12:28 p.m.3 views

Malicious Package

Overview svelte-hms-world is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection between that...

9.8CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2024/10/02 12:28 p.m.2 views

Malicious Package

Overview juno-composer is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection between that...

9.8CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2024/10/02 12:28 p.m.2 views

Malicious Package

Overview annotation-app is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection between that...

9.8CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2024/10/02 12:28 p.m.0 views

Malicious Package

Overview nanoslackts-env-test is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection between...

9.8CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2024/10/02 12:28 p.m.1 views

Malicious Package

Overview buy-sell-opensea-sdk-demo is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection...

9.8CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2024/10/02 12:28 p.m.1 views

Malicious Package

Overview makebetteremail is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection between that...

9.8CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2024/10/02 12:28 p.m.2 views

Malicious Package

Overview agoda-design-toolkit-2 is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection betwee...

9.8CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2024/10/02 12:28 p.m.2 views

Malicious Package

Overview branch-extension is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection between that...

9.8CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2024/10/02 12:28 p.m.1 views

Malicious Package

Overview language-rego is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection between that...

9.8CVSS7AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/10/01 2:59 p.m.17 views

Moderate: Red Hat Security Advisory: git-lfs security update

An update for git-lfs is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...

7.5CVSS7AI score0.01127EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/10/01 12:3 p.m.28 views

Moderate: Red Hat Security Advisory: git-lfs security update

An update for git-lfs is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update as...

7.5CVSS7AI score0.01127EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/10/01 12:0 a.m.16 views

RHEL 8 : git-lfs (RHSA-2024:7449)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:7449 advisory. Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing th...

7.5CVSS7.5AI score0.01127EPSS
Exploits0References5
OSV
OSV
added 2024/09/30 2:31 p.m.18 views

RLSA-2024:7136 Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structure...

7.5CVSS8.2AI score0.01127EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2024/09/30 2:31 p.m.20 views

git-lfs security update

An update is available for git-lfs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Git Large File Storage LFS replaces large files such as audio samples, videos...

7.5CVSS7.6AI score0.01127EPSS
Exploits0
OSV
OSV
added 2024/09/30 2:30 p.m.8 views

RLSA-2024:7135 Important: git-lfs security update

Git Large File Storage LFS replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structure...

7.5CVSS8.2AI score0.01127EPSS
Exploits0References2
Rows per page
Query Builder