CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

PyPA•added 2022/06/24 9:15 p.m.•6 views

PYSEC-2022-217

The cryptoasset-data-downloader package in PyPI v1.0.0 to v1.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8CVSS8AI score0.00734EPSS

PyPA•added 2022/06/24 9:15 p.m.•8 views

PYSEC-2022-43169

The Togglee package in PyPI version v0.0.8 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8CVSS7.9AI score0.00439EPSS

Prion•added 2022/06/24 9:15 p.m.•12 views

Design/Logic Flaw

The ML-Scanner package in PyPI v0.1.0 to v0.1.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

7.5CVSS9.7AI score0.00439EPSS

OSV•added 2022/06/24 9:15 p.m.•1 views

PYSEC-2022-43073

The cloudlabeling package in PyPI v0.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

OSV•added 2022/06/24 9:15 p.m.•2 views

PYSEC-2022-43133

The drxhello package in PyPI v0.0.1 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

OSV•added 2022/06/24 9:15 p.m.•1 views

PYSEC-2022-43168

OSV•added 2022/06/24 9:15 p.m.•1 views

PYSEC-2022-43132

The DR-Web-Engine package in PyPI v0.2.0b0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

PyPA•added 2022/06/24 9:15 p.m.•4 views

PYSEC-2022-43066

The AAmiles package in PyPI v0.1.0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8CVSS8AI score0.00439EPSS

PyPA•added 2022/06/24 9:15 p.m.•7 views

PYSEC-2022-214

The Beginner package in PyPI v0.0.2 to v0.0.4 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8CVSS8AI score0.00734EPSS

PyPA•added 2022/06/24 9:15 p.m.•5 views

PYSEC-2022-220

Reserved The pyesasky for python, as distributed on PyPI, included a code-execution backdoor inserted by a third party. The current version, without this backdoor, is 1.2.0-1.4.2...

9.8CVSS7AI score0.0102EPSS

PyPA•added 2022/06/24 9:15 p.m.•4 views

PYSEC-2022-216

The Perdido package in PyPI v0.0.1 to v0.0.2 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8CVSS8AI score0.00734EPSS

PyPA•added 2022/06/24 9:15 p.m.•4 views

PYSEC-2022-43164

The Rondolu-YT-Concate package in PyPI v0.1.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8CVSS7.9AI score0.00439EPSS

OSV•added 2022/06/24 9:15 p.m.•2 views

PYSEC-2022-43169

OSV•added 2022/06/24 9:15 p.m.•0 views

PYSEC-2022-43172

The Watertools package in PyPI v0.0.0 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges...

9.8CVSS6.3AI score