Lucene search
K

1833 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 7:19 a.m.13 views

Malicious code in internallib_v346 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16f3f2c0990e02417fdf7012e6531393e81f786bb16019d0efdb03c049817f90 Package name targets an internal-only namespace and ships a reverse-shell payload. index.js line 5 unconditionally invokes exec'/bin/bash -c "bash -i...

5.4AI score
Exploits0References7
OSV
OSV
added 2026/06/11 7:19 a.m.10 views

MAL-2026-5613 Malicious code in internallib_v346 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16f3f2c0990e02417fdf7012e6531393e81f786bb16019d0efdb03c049817f90 Package name targets an internal-only namespace and ships a reverse-shell payload. index.js line 5 unconditionally invokes exec'/bin/bash -c "bash -i...

5.5AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 1:46 a.m.9 views

Malicious code in acme-widget-layout-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff800752007d4e55ddc8172e04c8d75ac04d61b499cc58d97f016cd34d70d6c4 On import, src/acmewidgetlayoututils/init.py executes a textbook reverse-shell pattern: it opens a TCP socket, duplicates the socket file descriptor...

5.8AI score
Exploits0References3
OSV
OSV
added 2026/06/11 1:46 a.m.10 views

MAL-2026-5545 Malicious code in acme-widget-layout-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ff800752007d4e55ddc8172e04c8d75ac04d61b499cc58d97f016cd34d70d6c4 On import, src/acmewidgetlayoututils/init.py executes a textbook reverse-shell pattern: it opens a TCP socket, duplicates the socket file descriptor...

5.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/10 6:37 p.m.12 views

Malicious code in @solana-labs/web3.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91b0523027116b3981b0f1dfe925f01d8956eb19817aae6ea7d0022d5357fba4 Package @solana-labs/web3.js impersonates the legitimate @solana/web3.js and re-exports it as cover while running a malicious postinstall node...

5.5AI score
Exploits0References6
OSV
OSV
added 2026/06/10 6:37 p.m.10 views

MAL-2026-5525 Malicious code in @solana-labs/web3.js (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91b0523027116b3981b0f1dfe925f01d8956eb19817aae6ea7d0022d5357fba4 Package @solana-labs/web3.js impersonates the legitimate @solana/web3.js and re-exports it as cover while running a malicious postinstall node...

5.5AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/10 5:11 p.m.13 views

Malicious code in requests-toolbelt-plus (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 38c64ca050de4910f56bc4a652890b0a378082859cb62153762c6ae08b4b8eae The package impersonates the popular requests-toolbelt library but ships an empty requeststoolbeltplus/init.py and places its real logic in setup.py...

6.1AI score
Exploits0References3
GithubExploit
GithubExploit
added 2026/06/09 12:47 p.m.75 views

Exploit for Deserialization of Untrusted Data in Facebook React

React2ShellExploit CVE-2025-55182 I created simple react2she...

10CVSS7.3AI score0.99562EPSS
Exploits372
GithubExploit
GithubExploit
added 2026/06/09 5:7 a.m.64 views

HTB-TwoMillion-Exploit

HTB-TwoMillion-Exploit Importante: Esto NO es un writeu...

5.5AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/08 10:31 p.m.15 views

Malicious code in xfoofoox (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 94e46dfacc8ffb015e2258d96dedda0eebb7118144ace7021794c88b319ade14 During import, the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/06/08 10:31 p.m.21 views

MAL-2026-5340 Malicious code in xfoofoox (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 94e46dfacc8ffb015e2258d96dedda0eebb7118144ace7021794c88b319ade14 During import, the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/08 9:41 p.m.9 views

Malicious code in xfoobar (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a54c1c17d20a069af19c48751aada9e426bcbf55484c360cf21ac70f35d3d0dd During import, the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/06/08 9:41 p.m.12 views

MAL-2026-5335 Malicious code in xfoobar (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a54c1c17d20a069af19c48751aada9e426bcbf55484c360cf21ac70f35d3d0dd During import, the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/08 6:4 p.m.12 views

Malicious code in xforpy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6ebd6a0497e01ef631a2c357263bd1af23d88e8d9a9ae46fe39110571949198c During import, the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/06/08 6:4 p.m.10 views

MAL-2026-5332 Malicious code in xforpy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6ebd6a0497e01ef631a2c357263bd1af23d88e8d9a9ae46fe39110571949198c During import, the package starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

5.8AI score
Exploits0References1
GithubExploit
GithubExploit
added 2026/06/07 10:53 a.m.88 views

Exploit for OS Command Injection in Redhat Openshift_Container_Platform

excute exploit: bash python ./exploit.py -t 10.129.20.16 -l 1...

9.8CVSS5.4AI score0.12797EPSS
Exploits7
GithubExploit
GithubExploit
added 2026/06/07 12:54 a.m.178 views

Exploit for Authentication Bypass Using an Alternate Path or Channel in Sangoma Freepbx

CVE-2025-57819 — FreePBX Pre-Auth SQLi to RCE An all-in-one e...

10CVSS6.9AI score0.93286EPSS
Exploits20
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/05 10:9 p.m.11 views

Malicious code in anthropy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fa5e8904e682bfc10273961eb25b914c8d79b89e2a6c923c32bb9b3233d41c2 The package anthropy is a one-character typosquat of the legitimate anthropic PyPI SDK. The sole module anthropy.py executes a classic Python reverse...

5.8AI score
Exploits0References2
OSV
OSV
added 2026/06/05 10:9 p.m.8 views

MAL-2026-5273 Malicious code in anthropy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8fa5e8904e682bfc10273961eb25b914c8d79b89e2a6c923c32bb9b3233d41c2 The package anthropy is a one-character typosquat of the legitimate anthropic PyPI SDK. The sole module anthropy.py executes a classic Python reverse...

5.8AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:58 p.m.8 views

CVE-2023-54344

Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending payloads to the console interface. Attackers can connect to the OSGi console port and send base64-encoded bash commands wrapped in...

9.8CVSS6.7AI score0.0055EPSS
Exploits0References1
Rows per page
Query Builder