161 matches found
Malicious code in adyen-web-v5 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25b6c05640ee26217a85a428224b5a1a72790f5efec2d036828cb3cda0afa5ab The package adyen-web-v5 was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flooded npm...
MAL-2025-49213 Malicious code in epic-web-payment-management (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57322b3ae061187188fbd722c1c0d7443dd93af100c00eb9259dc7f197a2fc59 The package epic-web-payment-management was found to contain malicious code...
Malicious code in add-to-cart-web (npm)
--- -= Per source details. Do not edit below this line.=-...
EUVD-2024-48169
Malicious code in bioql PyPI...
MAL-2025-42159 Malicious code in bohr-web (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1951f7ba96d2d67ff96aa97e3fb6fe00615dbf39ba8b1b9fc822b33bdac69ba0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
com.liferay:com.liferay.calendar.web (>=1.0.0 <=1.0.53), com.liferay:com.liferay.calevent.importer (>=1.0.0 <=1.0.11) potentially affected by CVE-2025-43739 via com.liferay:com.liferay.calendar.service (>=1.0.0 <=2.4.0)
com.liferay:com.liferay.calendar.service MAVEN version =1.0.0, =1.0.0, =1.0.0, =1.0.11 Source cves: CVE-2025-43739 Source advisory: OSV:GHSA-7MXQ-H2R7-H449...
Malicious code in typopro-web-TypoPRO-Satisfy (npm)
The package typopro-web-TypoPRO-Satisfy was found to contain malicious code...
Malicious code in spin-web (npm)
The package spin-web was found to contain malicious code...
Malicious code in cycle-monorepo-sandbox-http (npm)
The package cycle-monorepo-sandbox-http was found to contain malicious code...
Malicious code in @framgia/viblo-accounts-auth-web (npm)
The package @framgia/viblo-accounts-auth-web was found to contain malicious code...
Malicious code in VDU-web (npm)
The package VDU-web was found to contain malicious code...
MAL-2025-27521 Malicious code in NightPro-Web (npm)
The package NightPro-Web was found to contain malicious code...
MAL-2025-37435 Malicious code in typopro-web-TypoPRO-Handlee (npm)
The package typopro-web-TypoPRO-Handlee was found to contain malicious code...
MAL-2025-37425 Malicious code in typopro-web-TypoPRO-Coustard (npm)
The package typopro-web-TypoPRO-Coustard was found to contain malicious code...
MAL-2025-37455 Malicious code in typopro-web-TypoPRO-Rosario (npm)
The package typopro-web-TypoPRO-Rosario was found to contain malicious code...
MAL-2025-37240 Malicious code in truncate-html-lth (npm)
The package truncate-html-lth was found to contain malicious code...
Malicious code in zoop-web-sdk (npm)
The package communicates with a domain associated with malicious activity...
Insufficient Session Expiration
Overview Affected versions of this package are vulnerable to Insufficient Session Expiration due to improper handling of JWT tokens in the session process. An attacker can maintain unauthorized access to a user session by reusing a previously valid JWT token after the user has logged out...
Malicious code in events-web (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-6284 Malicious code in events-web (npm)
The package communicates with a domain associated with malicious activity...