Lucene search
K

1086608 matches found

OSV
OSV
added 2026/06/09 8:29 p.m.9 views

MAL-2026-5471 Malicious code in getd-ui-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fcdbf66757b102ed524f01c498adae819b02968aa455f57316f4e08af1fb9ea0 On npm install, postinstall.js runs unconditionally scripts.postinstall = 'node postinstall.js' and sends an HTTPS GET to a hardcoded webhook.site UR...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 8:25 p.m.11 views

Malicious code in getd-web-corporativa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6751d3ca04c2ae596f7e809e339770edaed576060d361c061311960b0a3a7033 On npm install, postinstall.js performs an HTTPS GET to a hardcoded webhook.site receiver, leaking the installer's hostname, OS username, platform,...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/06/09 8:25 p.m.10 views

MAL-2026-5472 Malicious code in getd-web-corporativa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6751d3ca04c2ae596f7e809e339770edaed576060d361c061311960b0a3a7033 On npm install, postinstall.js performs an HTTPS GET to a hardcoded webhook.site receiver, leaking the installer's hostname, OS username, platform,...

5.5AI score
Exploits0References1
Snyk
Snyk
added 2026/06/09 8:24 p.m.6 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow through the FTS5 extension when processing a crafted database containing malformed FTS5 page data. An attacker can cause process crashes, memory exhaustion, or execute arbitrary code by supplying a specially...

8.5CVSS6.2AI score0.00175EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 8:21 p.m.12 views

Malicious code in ipy-rev-proxy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 591a0d253aee02115544f9bcac7609e62d8c18a9ac60cc4967d7d6e8c7f7d555 On npm install, index.js runs as a preinstall hook and POSTs hostname, username, platform, architecture, cwd, CI flags, and npm user-agent to...

5.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 8:18 p.m.16 views

Malicious code in db-xorma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1428486c71a3cd7d89ea90a17631bb5dc0fee7e11a6cbb4d8029a8b25268c7d2 db-xorma advertises itself as a reactive in-memory database library. When a consumer creates any Model instance the documented entry point, the...

6.2AI score
Exploits0References6
OSV
OSV
added 2026/06/09 8:18 p.m.9 views

MAL-2026-5464 Malicious code in db-xorma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1428486c71a3cd7d89ea90a17631bb5dc0fee7e11a6cbb4d8029a8b25268c7d2 db-xorma advertises itself as a reactive in-memory database library. When a consumer creates any Model instance the documented entry point, the...

6.2AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 8:18 p.m.8 views

Malicious code in db-dx-connector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 074f9125a23bf19f9f20f101c2db4888d121e6bd931fcb9933ef0e4f899c3759 The package name db-dx-connector inverts the word order of the legitimate dx-db-connector package whose own GitHub URL...

6.1AI score
Exploits0References4
OSV
OSV
added 2026/06/09 8:18 p.m.10 views

MAL-2026-5463 Malicious code in db-dx-connector (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 074f9125a23bf19f9f20f101c2db4888d121e6bd931fcb9933ef0e4f899c3759 The package name db-dx-connector inverts the word order of the legitimate dx-db-connector package whose own GitHub URL...

6.1AI score
Exploits0References4
GithubExploit
GithubExploit
added 2026/06/09 8:17 p.m.103 views

Exploit for Integer Overflow or Wraparound in Google Android

CVE-2025-48595 - Android Framework Integer Overflow Vulnerabil...

8.4CVSS6.1AI score0.01714EPSS
Exploits1
NVD
NVD
added 2026/06/09 8:17 p.m.16 views

CVE-2026-48306

Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00141EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 8:17 p.m.11 views

CVE-2026-48305

Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00141EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 8:16 p.m.10 views

CVE-2026-47906

Dreamweaver Desktop versions 21.7 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a maliciou...

8.6CVSS0.00177EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 8:16 p.m.13 views

CVE-2026-47908

Dreamweaver Desktop versions 21.7 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00161EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 8:16 p.m.10 views

CVE-2026-34710

Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00144EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 8:16 p.m.15 views

CVE-2026-34709

Substance3D - Sampler versions 6.0.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS0.00138EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 8:16 p.m.10 views

CVE-2026-11824

SQLite before 3.53.2 contains a heap-based buffer overflow vulnerability in the FTS5 full-text search extension that allows attackers to cause a crash or execute arbitrary code by supplying a crafted database with malicious continuation page metadata specifying a szLeaf value smaller than 4...

8.5CVSS0.00175EPSS
Exploits0References4
NVD
NVD
added 2026/06/09 8:16 p.m.9 views

CVE-2026-11822

SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bound...

8.5CVSS0.00175EPSS
Exploits0References4
OSV
OSV
added 2026/06/09 8:16 p.m.3 views

DEBIAN-CVE-2026-11822

SQLite before 3.53.2 contains memory corruption vulnerabilities in the FTS5 full-text search extension that allow attackers to cause process crashes, memory exhaustion, or arbitrary code execution by supplying a crafted database with malformed FTS5 page data. Attackers can trigger an out-of-bound...

8.5CVSS6.5AI score0.00175EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/09 8:9 p.m.8 views

Malicious code in tailwind-form (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 37a2959fd43465328b090afd0464e0e3de0e1677ecd2068d4ef05bdfe5867b79 tailwind-form is a typosquat of the legitimate @tailwindcss/forms plugin README and repository field are copied from tailwindlabs/tailwindcss-forms,...

6.4AI score
Exploits0References2
Rows per page
Query Builder