7991 matches found
Malicious Package
Overview: op-cli-installer is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in op-cli-installer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f4b3ae42ff2507fbd7e994719a2e19d362d037ccbce81544f7617a07bcf6468b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48776 Malicious code in op-cli-installer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f4b3ae42ff2507fbd7e994719a2e19d362d037ccbce81544f7617a07bcf6468b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in npm-cli-00 (npm)
The package npm-cli-00 was found to contain malicious code...
MAL-2025-48746 Malicious code in npm-cli-00 (npm)
The package npm-cli-00 was found to contain malicious code...
com.github.cafaudit:caf-audit-binding-elasticsearch (>=5.0.3-1321 <=5.0.4-1329), com.github.cafaudit:caf-audit-monkey-container (>=5.0.3-1321 <=5.0.4-1329) +80 more potentially affected by CVE-2025-12194 via org.bouncycastle:bc-fips (>=2.1.0 <=2.1.1)
org.bouncycastle:bc-fips MAVEN version =2.1.0, =5.0.3-1321, =5.0.3-1321, =5.0.3-1321, =5.0.3-1321, =3.1.2-822, =3.1.2-822, =3.1.2-822, =3.1.2-822, =4.10.0, =4.10.0, =4.10.0, =4.10.0, =4.10.0, =4.10.2 and more Source cves: CVE-2025-12194 Source advisory:...
com.itextpdf:bouncy-castle-fips-adapter (=9.6.0), org.openidentityplatform.opendj:opendj-cli (=4.10.2) +70 more potentially affected by CVE-2025-12194 via org.bouncycastle:bc-fips (=2.1.1)
org.bouncycastle:bc-fips MAVEN version =2.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.bouncycastle:bc-fips and may be impacted: - com.itextpdf:bouncy-castle-fips-adapter =9.6.0 - org.openidentityplatform.opendj:opendj-cli =4.10.2 -...
CVE-2025-4106 WatchGuard Firebox leftover debug code vulnerability
An authenticated admin user with access to both the management WebUI and command line interface on a Firebox can enable a diagnostic debug shell by uploading a platform and version-specific diagnostic package and executing a leftover diagnostic command. This issue affects Fireware OS: from 12.0...
Malicious code in mender-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7de3cf7258b50c3fd2233ed366fed6714e44da530255103d045c71406b2ea081 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48569 Malicious code in mender-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7de3cf7258b50c3fd2233ed366fed6714e44da530255103d045c71406b2ea081 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Access Control Bypass
Overview: @kottster/cli is a CLI for Kottster. Affected versions of this package are vulnerable to Access Control Bypass via the initApp and installPackagesForDataSource actions. An attacker can gain unauthorized administrative access and execute arbitrary system commands by repeatedly triggering...
Security update for aws-cli, local-npm-registry, python-boto3, python-botocore, python-coverage, python-flaky, python-pluggy, python-pytest, python-pytest-cov, python-pytest-html, python-pytest-metada
This update for aws-cli, local-npm-registry, python-boto3, python-botocore, python-coverage, python-flaky, python-pluggy, python-pytest, python-pytest-cov, python-pytest-html, python-pytest-metadata, python-pytest-mock contains the following fixes: Changes in aws-cli: - Update to 1.33.26...
SUSE-SU-2025:3744-1 Security update for aws-cli, local-npm-registry, python-boto3, python-botocore, python-coverage, python-flaky, python-pluggy, python-pytest, python-pytest-cov, python-pytest-html, python-pytest-metadata, python-pytest-mock
This update for aws-cli, local-npm-registry, python-boto3, python-botocore, python-coverage, python-flaky, python-pluggy, python-pytest, python-pytest-cov, python-pytest-html, python-pytest-metadata, python-pytest-mock contains the following fixes: Changes in aws-cli: - Update to 1.33.26...
VulnCheck KEV: CVE-2025-24477
A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.4 through 7.2.12 allows an attacker to escalate its privileges via a specially crafted CLI command...
albibong (>=1.0.0 <=1.1.10), am-viewer (>=1.1.0 <=4.0.1) +70 more potentially affected by unknown CVE via scapy (>=2.2.0.dev0 <=2.6.1)
scapy PYPI version =2.2.0.dev0, =1.0.0, =1.1.0, =1.0.3, =1.2.0, =1.2.0, =0.0.1, =1.2.5, =1.0.8, =0.0.4, =0.1.8, =0.2.5, =0.1.3, =1.2.1b0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-CQ46-M9X9-J8W2...
GHSA-25QH-J22F-PWP8 vulnerabilities
Vulnerabilities for packages: kserve-modelmesh, akhq, trino, management-api-for-apache-cassandra-5.0, zookeeper, apache-nifi-registry, cassandra, nextflow, sonar-scanner-cli, apache-nifi, cassandra-reaper, thingsboard, dependency-track...
GHSA-25QH-J22F-PWP8 vulnerabilities
Vulnerabilities for packages: akhq, knative-kafka-broker-fips, kayenta, apache-nifi, nextflow, thingsboard, dependency-track, nacos-docker, cassandra, nacos, zookeeper-fips, kserve-modelmesh, zookeeper, management-api-for-apache-cassandra-5.0, localstack, sonar-scanner-cli, trino, kayenta-fips,...
CVE-2025-11226 vulnerabilities
Vulnerabilities for packages: akhq, knative-kafka-broker-fips, kayenta, apache-nifi, nextflow, thingsboard, dependency-track, nacos-docker, cassandra, nacos, zookeeper-fips, kserve-modelmesh, zookeeper, management-api-for-apache-cassandra-5.0, localstack, sonar-scanner-cli, trino, kayenta-fips,...
Malicious code in shutterstock-cli (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 293a07df288218d171e1132e93d24e0f6e75160174cf78ef8589073b1e7eb72a Any computer that has this package installed or running should be considered...
MAL-2025-48762 Malicious code in shutterstock-cli (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 293a07df288218d171e1132e93d24e0f6e75160174cf78ef8589073b1e7eb72a Any computer that has this package installed or running should be considered...