333 matches found
EUVD-2022-4061
Malicious code in bioql PyPI...
EUVD-2024-2675
Malicious code in bioql PyPI...
Security Bulletin:IBM Event Endpoint Management is vulnerable to Sensitive Information Leakage and Request Smuggling (CVE-2025-4673,CVE-2025-22871)
Summary Operator of IBM Event Endpoint Management is vulnerable to Sensitive Information Leakage and Request Smuggling due to apache HTTP pomponents. IBM Event Endpoint Management uses HTTP components to expose secure event APIs via its Event Gateway, enabling client applications to interact with...
Malicious Package
Overview @navancorp/angular-web-components is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...
Malicious code in blocks-web-components (npm)
The package blocks-web-components was found to contain malicious code...
MAL-2025-41948 Malicious code in blocks-web-components (npm)
The package blocks-web-components was found to contain malicious code...
Malicious code in @sfdc-www-emu/clientlibs-web-components (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-41457 Malicious code in @sfdc-www-emu/clientlibs-web-components (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in @navancorp/angular-web-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c94679c1658a3cfefa49daf06a90a50daeb480069b754976a6f72efa2e4e1d44 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-41423 Malicious code in @navancorp/angular-web-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c94679c1658a3cfefa49daf06a90a50daeb480069b754976a6f72efa2e4e1d44 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in eslint-plugin-spectrum-web-components (npm)
The package eslint-plugin-spectrum-web-components was found to contain malicious code...
Malicious code in idms-web-components (npm)
The package idms-web-components was found to contain malicious code...
MAL-2025-22977 Malicious code in idms-web-components (npm)
The package idms-web-components was found to contain malicious code...
MAL-2025-19863 Malicious code in eslint-plugin-spectrum-web-components (npm)
The package eslint-plugin-spectrum-web-components was found to contain malicious code...
MAL-2025-25707 Malicious code in lwc-components-lightning (npm)
The package lwc-components-lightning was found to contain malicious code...
CVE-2021-37196
A vulnerability has been identified in COMOS V10.2 All versions only if web components are used, COMOS V10.3 All versions = V10.3.3.3 only if web components are used, COMOS V10.4 All versions V10.4.1 only if web components are used. The COMOS Web component of COMOS unpacks specially crafted archi...
CVE-2021-37195
A vulnerability has been identified in COMOS V10.2 All versions only if web components are used, COMOS V10.3 All versions V10.3.3.3 only if web components are used, COMOS V10.4 All versions V10.4.1 only if web components are used. The COMOS Web component of COMOS accepts arbitrary code as...
MAL-2025-4159 Malicious code in @webhighlights/shared-components (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in @abb-ux/commonux-web-components (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f22e30f31c7ac7adf96fb88b6ec251f1263a643a038b0fcba1db4b8ada61cb1c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @sporta-technology/d11-web-components.typography (npm)
--- -= Per source details. Do not edit below this line.=-...