EUVD-2023-0976

Malicious code in bioql PyPI...

MAL-2025-47146 Malicious code in @nativescript-community/arraybuffers (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dbd4477b4250e2af1b9a5fdcd76d234900437c12290d3cc79ec173d8f0fbc862 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @nativescript-community/arraybuffers (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dbd4477b4250e2af1b9a5fdcd76d234900437c12290d3cc79ec173d8f0fbc862 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

@nativescript-community/ble (>=3.1.8 <=3.1.22), @nativescript-community/sentry (>=4.6.19 <=4.6.45) +14 more potentially affected by unknown CVE via @nativescript-community/arraybuffers (=1.1.5)

@nativescript-community/arraybuffers NPM version =1.1.5 is affected by a known vulnerability. The following packages have a transitive dependency on @nativescript-community/arraybuffers and may be impacted: - @nativescript-community/ble =3.1.8, =4.6.19, =4.4.4, =1.0.11, =0.0.27, =6.0.0, =6.0.0,...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

Linux Distros Unpatched Vulnerability : CVE-2021-42863

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow in ecmabuiltintypedarrayprototypefilter in JerryScript version fe3a5c0 allows an attacker to construct a fake object or a fake arraybuffer wit...

Linux Distros Unpatched Vulnerability : CVE-2018-6061

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A race in the handling of SharedArrayBuffers in WebAssembly in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap...

CVE-2023-28445

Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Resizable ArrayBuffers passed to asynchronous functions that are shrunk during the asynchronous operation could result in an out-of-bound read/write. It is unlikely that this has been exploited in the wild, as the...

Design/Logic Flaw

Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Resizable ArrayBuffers passed to asynchronous functions that are shrunk during the asynchronous operation could result in an out-of-bound read/write. It is unlikely that this has been exploited in the wild, as the...

PT-2023-2318 · Deno · Deno

Name of the Vulnerable Software and Affected Versions: Deno version 1.32.0 Description: The issue is related to resizable ArrayBuffers passed to asynchronous functions that are shrunk during the asynchronous operation, which could result in an out-of-bound read/write. It is unlikely that this has...

CVE-2021-42863

A buffer overflow in ecmabuiltintypedarrayprototypefilter in JerryScript version fe3a5c0 allows an attacker to construct a fake object or a fake arraybuffer with unlimited size...