698 matches found
RayVentory Scan Engine 安全漏洞
RayVentory Scan Engine is a network scanning engine developed by the German company RayVentory, designed for automatically discovering and collecting IT asset information. Versions of RayVentory Scan Engine 12.6 Update 8 and earlier contain security vulnerabilities. These vulnerabilities allow...
MAL-2026-3284 Malicious code in tinfoil-shops (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 12060d7ba8ada1f0215277ed3936de1f8e9f03d47430fe816b634778291d7024 The package tinfoil-shops was found to contain malicious code. Source: ghsa-malware 5fafb06ed458abc37062e49cbd57b0e5c348dba7d88d1524ca5df198216d7326...
CVE-2023-53320
creationtimestamp| type| source ---|---|--- 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...
PT-2026-25785
A security flaw has been discovered in Tenda AC8 16.03.50.11. This affects the function route set user policy rule of the file /cgi-bin/UploadCfg of the component Web Interface. The manipulation of the argument wans.policy.list1 results in os command injection. It is possible to launch the attack...
MAL-2026-1530 Malicious code in styled-components-a11y (npm)
The package 'styled-components-a11y' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...
Malicious code in pearpass-lib-ui-theme-provider (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ea77827543a6a72312b98aefe294d7f17ef926c74ebd096bb12a0de3a894b7f The package pearpass-lib-ui-theme-provider was found to contain malicious code. Source: ghsa-malware...
Malicious code in grepleaks (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fbb12eb31b13d48c3bceaf932a48991331324e560fdf0dba37561862844fa2e8 The package grepleaks was found to contain malicious code. Source: ghsa-malware 3017ce71ea8163be051e049bafc4e07b09bcc4cf3b05675c0e5c300c105705ce Any...
MAL-2026-372 Malicious code in webmd-cookie (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6cea3e633de27fc446b20af035d103f0637ac73c9c5be185697d6c00e2329656 The package webmd-cookie was found to contain malicious code. Source: ghsa-malware 7c4d61d057a9a7c2e3ba6c1c54a58091ac030eff25b877dc80a22e0a804db962 A...
MAL-2025-192996 Malicious code in @vietmoney/react-native-htmlview (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 82606664e32d7050a729171d5dac24f54950e90b7259a7f90a582e94632fcc61 The package @vietmoney/react-native-htmlview was found to contain malicious code. Source: ghsa-malware...
MAL-2025-192673 Malicious code in xmlwtf3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdc397291400d5d396c50c42966b6c482fb92a577a17ad2440c2ab4c7f0619e6 The package xmlwtf3 was found to contain malicious code. Source: ghsa-malware f1aef41363b46dac1d30ba3bd916904df95fce8278f6b3abed14f7b48002d2c8 Any...
MAL-2025-191451 Malicious code in @devx-commerce/plugin-discounts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 74de4ea6b81994c916a9fecaea82b1fa9c5a8bf24ad75dc6c755122b821ec169 The package @devx-commerce/plugin-discounts was found to contain malicious code. Source: ghsa-malware...
Malicious code in open2internet (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cbe1cf5da09eaf98a63e880a56f10409eaec90f40d9d3a7938b4bea09aeada36 The package open2internet was found to contain malicious code. Source: ghsa-malware 7df2207057942014062d4c686449d02043f6f221e63ee8014453f995f1429200...
EUVD-2025-39777
Malicious code in eko-tempe58-riris npm...
EUVD-2023-32448
Malicious code in bioql PyPI...
[Extended] Ethics in Computer Security Research: a Data-Driven Assessment of the Past, the Present, and the Possible Future
Ethical questions are discussed regularly in computer security. Still, researchers in computer security lack clear guidance on how to make, document, and assess ethical decisions in research when what is morally right or acceptable is not clear-cut. In this work, we give an overview of the...
MAL-2025-6087 Malicious code in dewiz-xyz (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e73eec59fc359ccdddf7aea6963be27ed045429eae410109c1d749dae6761e51 Any computer that has this package installed or running should be considered...
MAL-2025-6002 Malicious code in rtp-rapyd (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c0a521f8592c35bef558ae1fd9a4f584f1365784b6f3254816e6db8f4592e453 Any computer that has this package installed or running should be considered...
MAL-2025-5987 Malicious code in rollup-linux-riscv64-gnu (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c8a98f596921acebe0065ab2b5beda61f909a0c6595ad8ce2845d1d76a78fb9e Any computer that has this package installed or running should be considered...
MAL-2025-5890 Malicious code in angieslist-office-app-common (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1ef02b48854bea0c3c7e012377ff6e37a2ca9b371c56552ac87a3ec84a8ec098 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5882 Malicious code in @vapc-ui/search-box (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0da3194dfccd7f133907c4365b33fd21321477bd320e54e9115a90f0076ece9e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...