18 matches found
EUVD-2022-0211
Malicious code in bioql PyPI...
EUVD-2022-0099
Malicious code in bioql PyPI...
CVE-2022-40424
The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-networking package. The affected version of d8s-urls is 0.1.0...
CVE-2022-44049
The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-grammars package. The affected version of d8s-htm is 0.1.0...
CVE-2022-43306
The d8s-timer for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-dates package. The affected version of d8s-htm is 0.1.0...
PYSEC-2022-43026
The d8s-json package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...
CVE-2022-42041
The d8s-file-system package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hashes package. The affected version is 0.1.0...
CVE-2022-41380
The d8s-yaml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...
PT-2022-37340 · Pypi · Democritus-Csv +1
Name of the Vulnerable Software and Affected Versions: d8s-ip-addresses version 0.1.0 Description: The d8s-ip-addresses package for Python contains a potential code-execution backdoor. This backdoor is attributed to the democritus-csv package, which was inserted by a third party. Recommendations:...
PYSEC-2022-43092
The d8s-xml for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...
Democritus Project 代码问题漏洞
Democritus Project is a collection of simple, effective, modular, fully tested and well-documented features from Democritus, Inc. A security vulnerability exists in Democritus Project d8s-strings version 0.1.0 that originates from a potential code execution backdoor inserted by a third party...
PT-2022-37366 · Pypi · Democritus-Hypothesis +1
Name of the Vulnerable Software and Affected Versions: d8s-uuids version 0.1.0 Description: The d8s-uuids package for Python, distributed on PyPI, contains a potential code-execution backdoor. This backdoor is attributed to the democritus-hypothesis package, which was inserted by a third party...
CVE-2022-38792
The exotel aka exotel-py package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party...
CVE-2022-34981
The PyCrowdTangle package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party...
Code injection
The bin-collection package in PyPI before v0.1 included a code execution backdoor inserted by a third party...
CVE-2022-33000
The ML-Scanner package in PyPI v0.1.0 to v0.1.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...
CVE-2022-34053
The DR-Web-Engine package in PyPI v0.2.0b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...
CVE-2022-34053
The DR-Web-Engine package in PyPI v0.2.0b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...