Malicious code in analysis-chart (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1ab4349bcc1e8f4434817d242b136f6e6050d4acb234aa833d81ffd74942066 The package's postinstall hook install-hook.js, invoked via package.json scripts.postinstall fetches an opaque binary 'payload.bin' from...

Malicious code in @nullzero/urlcat (npm)

@nullzero/urlcat version 1.4.2, published by [email protected] is a trojanized npm package belonging to the wshu.net credential-stealer campaign. The campaign published trojanized look-alike utility packages across 12+ scopes whose publisher accounts all follow the pattern [email protected], with...

MAL-2026-6308 Malicious code in @lazyutil/dater (npm)

@lazyutil/dater malicious versions 0.8.1, 0.9.2, 0.9.3, and 0.9.4, published by [email protected] is a trojanized npm package belonging to the wshu.net credential-stealer campaign. The campaign published trojanized look-alike utility packages across 12+ scopes whose publisher accounts all...

Malicious code in 1cat-tunnel-client-zx (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 796f1b18c13a38088b4e48d75575eb92b23af5d91cdfaf6a82717f0fabbc7a79 On npm install, the package's postinstall hook node install.js fetches a platform-specific executable from...

MAL-2026-4677 Malicious code in swift-optimizer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c54f35da6df5cef65715d49fb7942aff442ee9a0cb486862031e5009277db3a On npm install, [email protected] runs scripts/install-binary.js as a postinstall hook. The script is a hand-rolled JavaScript bytecode VM 123 KB...

EUVD-2019-0249

Malware in sbrugna...

EUVD-2019-0244

Malware in sbrugna...

Malicious code in solaraexecutor (npm)

This package uses obfuscation to hide that its downloading a malicious binary from an attacker-controlled domain --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b8807e1265b0c39afd3a6507559deb211f67d9a559b8094aecea14d18f30dcf7 Any computer that has this package...

GHSA-2JX8-V4HV-GX3H XXE vulnerability in Launch import

| Release Date | Affected Projects | Affected Versions | Access Vector| Security Risk | |--------------|-------------------|-------------------|---------------|---------------| | Monday, May 4, 2020| service-api | Every version, starting from 3.1.0 | Remote | Medium | Impact Starting from version...

CVE-2020-24025

CVE-2020-24025 affects node-sass versions from 2.0.0 through 4.14.1, where certificate validation is disabled when requesting binaries, even if no alternative download path is specified. This can enable TLS validation bypass when fetching binaries. The description does not specify affected OSes o...

Velociraptor - Endpoint Visibility and Collection Tool

Velociraptor is a tool for collecting host based state information using Velocidex Query Language VQL queries. To learn more about Velociraptor, read the documentation on: https://www.velocidex.com/docs/ Quick start If you want to see what Velociraptor is all about simply: 1. Download the binary...

ManageEngine Asset Explorer Windows Agent Remote Code Execution

XL-2020-003 - Asset Explorer Windows Agent - Remote Code Execution =============================================================================== Identifiers ------------------------------------------------- CVE-2020-8838 XL-20-003 CVSSv3 score ------------------------------------------------- 7...

ApplicationInspector - A Source Code Analyzer Built For Surfacing Features Of Interest And Other Characteristics To Answer The Question 'What'S In It' Using Static Analysis With A Json Based Rules Engine

Microsoft Application Inspector is a software source code analysis tool that helps identify and surface well-known features and other interesting characteristics of source code to aid in determining what the software is or what it does. Application Inspector is different from traditional static...

redis-srvr code execution vulnerability

redis-srvr is a package for downloading and installing Redis. A security vulnerability exists in redis-srvr that originates when the program downloads binary resources over the HTTP protocol. A remote attacker could exploit the vulnerability by replacing the requested binary with an...

gfe-sass Remote Code Execution Vulnerability

gfe-sass is a sass library. A security vulnerability exists in gfe-sass that originates when a program downloads a binary file over an unencrypted HTTP link. An attacker could exploit this vulnerability by intercepting the response and replacing the requested binary with a malicious executable fi...

cmake Remote Code Execution Vulnerability

cmake is a set of open source, cross-platform tools for building, testing and packaging software . A security vulnerability exists in cmake that originates when the program downloads binary resources over the HTTP protocol. A remote attacker could exploit the vulnerability by replacing the...

jstestdriver Remote Code Execution Vulnerability

jstestdriver is a JavaScript code testing , running tools. A security vulnerability exists in jstestdriver that originates when the program downloads binary resources over the HTTP protocol. A remote attacker can exploit the vulnerability by replacing the requested binary with an...

Slimerjs-edge Remote Code Execution Vulnerability

slimerjs-edge is a scriptable browser for web development and testing. A security vulnerability exists in slimerjs-edge that originates when the program downloads binary resources over the HTTP protocol. A remote attacker could exploit the vulnerability by replacing the requested binary with an...

webdriver-launcher remote code execution vulnerability

webdriver-launcher is a tool that enables you to launch your browser using webdriver. A security vulnerability exists in webdriver-launcher that originates when the program downloads binary resources over the HTTP protocol. A remote attacker can exploit the vulnerability by replacing the requeste...

Haxe 3 Remote Code Execution Vulnerability

Haxe 3 is a toolkit for building cross-platform tools and frameworks. A security vulnerability exists in Haxe 3 that originates when a program downloads a binary file over an unencrypted HTTP connection. A remote attacker can exploit the vulnerability by intercepting the response and replacing th...