Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

OSV
OSVadded 4 days ago4 views

MAL-2026-5777 Malicious code in field-plus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0112dc4801bb261e86a2f68d5fd49b6c955bb4e82f872c72e61e49cc638ca91c package.json declares both preinstall and postinstall scripts that run curl against a hardcoded bare-IP HTTP endpoint http://3.7.226.146:9000/callbac...

5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packagesadded last week9 views

Malicious code in web-model-bridge (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d2c385c177531c421e5a49f41d931890a48c16c921b23cc20f2bf4cd8fae893 On npm install, postinstall.js sends an HTTPS POST to https://ddactic-lab.online/sc/beacon carrying the package name/version, Node version, OS,...

5.4AI score
Exploits0References2
OSV
OSVadded 2026/06/09 4:5 p.m.4 views

MAL-2026-5402 Malicious code in screenpipe-mcp-http (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 28109405008c1eaee3b3702337a3278723bb7e70e01929a4b76132b19c705790 [email protected] is a dependency-confusion lure that beacons installer-identifying data to an attacker-controlled domain on npm install...

5.5AI score
Exploits0References1
Talos Blog
Talos Blogadded 2024/10/30 10:0 a.m.10 views

Writing a BugSleep C2 server and detecting its traffic with Snort

In June 2024, security researchers published their analysis of a novel implant dubbed "MuddyRot"aka "BugSleep". This remote access tool RAT gives operators reverse shell and file input/output I/O capabilities on a victim's endpoint using a bespoke command and control C2 protocol. This blog will...

8.1AI score
Exploits0
CNNVD
CNNVDadded 2020/12/08 12:0 a.m.3 views

Multiple Qualcomm Products Buffer Error Vulnerability

The Qualcomm Component is a component of Qualcomm Incorporated USA. The intrinsic parts that provide the functionality of Qualcomm devices. A security vulnerability exists in multiple Qualcomm products that stems from an incorrect field check length that reads out of range when parsing NAN beacon...

9.8CVSS7.3AI score0.00873EPSS
Exploits0References4
NVD
NVDadded 2020/09/08 10:15 a.m.15 views

CVE-2020-11115

u'Buffer over read occurs while processing information element from beacon due to lack of check of data received from beacon' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voi...

7.5CVSS7.4AI score0.00663EPSS
Exploits0References2
Rows per page
Query Builder