Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/12 7:18 p.m.1 views

Malicious code in haruni-poke125 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0f27800ed5b7ffea490cbeb10342f30cbb5280fae4a0cf223268031ffb2618f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSVadded 2025/11/12 4:47 p.m.1 views

MAL-2025-170439 Malicious code in verify-tac-malasikibaulu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77208fd1c9356d7ba25c4aa3d610696fb4c72bff8fda65df1c2cd0f58c101698 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSVadded 2025/11/12 4:47 p.m.1 views

MAL-2025-153670 Malicious code in billa-21 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6881f559ec0d21150806151bf41d27a9f6e624ee0b1b23136f76af606d7351c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
Cvelist
Cvelistadded 2024/06/19 6:40 a.m.21 views

CVE-2024-37387

Use of potentially dangerous function issue exists in Ricoh Streamline NX PC Client. If this vulnerability is exploited, files in the PC where the product is installed may be altered...

0.00046EPSS
Exploits0References2
Tenable Nessus
Tenable Nessusadded 2021/01/14 12:0 a.m.28 views

Fedora 33 : golang-github-russellhaering-goxmldsig (2021-a2a7673da2)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-a2a7673da2 advisory. - In goxmldsig XML Digital Signatures implemented in pure Go before version 1.1.0, with a carefully crafted XML file, an attacker can completely...

6.5CVSS6.6AI score0.00209EPSS
Exploits0References2
Malwarebytes
Malwarebytesadded 2020/12/04 4:30 p.m.36 views

File-sharing and cloud storage sites: How safe are they?

There it is again—that annoying message that pops up when your email client informs you that a file is too big to attach. Those of us that are confronted with this problem on a regular basis—and those of us that want to attach files that could get picked up by anti-malware scanners along the...

7AI score
Exploits0
RedhatCVE
RedhatCVEadded 2020/10/01 6:5 a.m.34 views

CVE-2020-15216

In goxmldsig XML Digital Signatures implemented in pure Go before version 1.1.0, with a carefully crafted XML file, an attacker can completely bypass signature validation and pass off an altered file as a signed one. A patch is available, all users of goxmldsig should upgrade to at least revision...

6.5CVSS3.7AI score0.00209EPSS
Exploits0References4
Rows per page
Query Builder