Lucene search
+L

132 matches found

PyPA
PyPA
added 2022/06/24 9:15 p.m.9 views

PYSEC-2022-43133

The drxhello package in PyPI v0.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8CVSS8AI score0.01941EPSS
Exploits1References4Affected Software1
PyPA
PyPA
added 2022/06/24 9:15 p.m.9 views

PYSEC-2022-43168

The Sixfab-Tool in PyPI v0.0.2 to v0.0.3 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8CVSS7.9AI score0.01977EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2022/06/24 9:15 p.m.15 views

Design/Logic Flaw

The Sixfab-Tool in PyPI v0.0.2 to v0.0.3 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

7.5CVSS9.7AI score0.01977EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2022/06/24 9:15 p.m.19 views

Design/Logic Flaw

The Beginner package in PyPI v0.0.2 to v0.0.4 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

7.5CVSS9.7AI score0.01901EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/06/24 9:15 p.m.29 views

PYSEC-2022-214

The Beginner package in PyPI v0.0.2 to v0.0.4 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8CVSS6.8AI score0.01901EPSS
Exploits1References3
OSV
OSV
added 2022/06/24 9:15 p.m.3 views

PYSEC-2022-43172

The Watertools package in PyPI v0.0.0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8CVSS6.3AI score
Exploits0References3
OSV
OSV
added 2022/06/24 9:15 p.m.22 views

PYSEC-2022-218

The django-navbar-client package of v0.9.50 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8CVSS6.9AI score0.01901EPSS
Exploits1References3
OSV
OSV
added 2022/06/24 9:15 p.m.27 views

PYSEC-2022-216

The Perdido package in PyPI v0.0.1 to v0.0.2 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8CVSS6.7AI score0.01901EPSS
Exploits1References3
OSV
OSV
added 2022/06/24 9:15 p.m.27 views

PYSEC-2022-219

The RootInteractive package in PyPI v0.0.5 to v0.0.19b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8CVSS6.9AI score0.01901EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/06/24 8:39 p.m.20 views

CVE-2022-34059

The Sixfab-Tool in PyPI v0.0.2 to v0.0.3 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.9AI score0.01977EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/06/24 8:39 p.m.21 views

CVE-2022-34057

The Scoptrial package in PyPI version v0.0.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.9AI score0.01333EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/06/24 8:39 p.m.29 views

CVE-2022-34056

The Watertools package in PyPI v0.0.0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.9AI score0.01941EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/06/24 8:39 p.m.28 views

CVE-2022-34055

The drxhello package in PyPI v0.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.9AI score0.01941EPSS
Exploits1References3
CVE
CVE
added 2022/06/24 8:39 p.m.59 views

CVE-2022-34054

The CVE-2022-34054 entry concerns the Perdido package on PyPI (versions 0.0.1–0.0.2) that allegedly contains a code execution backdoor introduced via the request package. Reported impact in sources includes access to sensitive user information and digital currency keys, with privilege escalation....

9.8CVSS9.7AI score0.01901EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2022/06/24 8:39 p.m.68 views

CVE-2022-34055

The CVE-2022-34055 entry concerns the drxhello PyPI package (version 0.0.1). Documents describe a code execution backdoor introduced via the request package, enabling attackers to access sensitive user information and digital currency keys and to escalate privileges. Affected component is the drx...

9.8CVSS9.7AI score0.01941EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/06/24 8:39 p.m.28 views

CVE-2022-33004

The Beginner package in PyPI v0.0.2 to v0.0.4 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.9AI score0.01901EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/06/24 8:39 p.m.41 views

CVE-2022-33002

The KGExplore package in PyPI v0.1.1 to v0.1.2 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.9AI score0.01941EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/06/24 8:39 p.m.31 views

CVE-2022-33001

The AAmiles package in PyPI v0.1.0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.9AI score0.01941EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/06/24 8:39 p.m.20 views

CVE-2022-33000

The ML-Scanner package in PyPI v0.1.0 to v0.1.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.9AI score0.01901EPSS
Exploits1References3
CVE
CVE
added 2022/06/24 8:39 p.m.71 views

CVE-2022-32998

The CVE-2022-32998 entry concerns the cryptoasset-data-downloader package for PyPI, affected versions 1.0.0 through 1.0.1. The root cause is a code execution backdoor introduced via the requests package, enabling an attacker to execute arbitrary code. Reported impact includes access to sensitive ...

9.8CVSS9.7AI score0.01901EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder