Lucene search
K

28 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/06/24 8:58 p.m.4 views

Malicious code in deere-ui-commonjs-shim (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a67ec4bddb1b8af04cfc08903b303377f2c20937c3b6f13287bcb450d2189a53 Any computer that has this package installed or running should be considered...

6.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/04/17 4:37 a.m.3 views

Malicious code in zkevm-commonjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f97b3c164e028fa05d0832ddbf8afc66fa090caec4d50eac611b2132c8b24925 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSV
OSV
added 2025/04/17 4:37 a.m.4 views

MAL-2025-3266 Malicious code in zkevm-commonjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f97b3c164e028fa05d0832ddbf8afc66fa090caec4d50eac611b2132c8b24925 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
OSV
OSV
added 2024/09/23 10:11 p.m.4 views

GHSA-GCX4-MW62-G8WM DOM Clobbering Gadget found in rollup bundled scripts that leads to XSS

Summary We discovered a DOM Clobbering vulnerability in rollup when bundling scripts that use import.meta.url or with plugins that emit and reference asset files from code in cjs/umd/iife format. The DOM Clobbering gadget can lead to cross-site scripting XSS in web pages where scriptless...

8.3CVSS6.9AI score0.007EPSS
Exploits1References7
CNNVD
CNNVD
added 2022/10/11 12:0 a.m.4 views

browserify-shim 安全漏洞

browserify-shim is used by thlorenz individual developers to make CommonJS incompatible files browsable. A security vulnerability exists in browserify-shim version 3.8.15, which stems from a prototype contamination vulnerability found in the resolveShims function...

9.8CVSS8.2AI score0.01153EPSS
Exploits1References4
OSV
OSV
added 2022/08/19 3:55 a.m.4 views

MAL-2022-5840 Malicious code in rollup-pulgin-comsonjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f51e311c145a9753f0b9cb137dddc9e3bffb27b6cb502240c2b697d2028267ca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2022/08/19 3:55 a.m.8 views

MAL-2022-1415 Malicious code in babel-pzugin-transform-es2015-modues-commonjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f487dcb86915ec1bb46550b2f2a4b5cc2d0deb6cdabc7fb8b3ca164467e27876 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSV
OSV
added 2022/08/19 3:55 a.m.6 views

MAL-2022-1420 Malicious code in babelllugintransformes2015modulescommonjs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 85a16e3db18168e71a2eeec8f9190a55ae782642089ef8b41719535a6a434a82 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Rows per page
Query Builder