MAL-2025-4819 Malicious code in bzl_components-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2e9d92ea6bf2f83b7f1ef5fda995c4ca9b06ee0c6e4666b1ac581d884dbae28f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4864 Malicious code in playwright-coverage (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bf8711293d366c2ab04b98c26ea6e6fbc5022a045727404387dc51c9496cb328 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4857 Malicious code in node-loggers (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4d3ceb026e94d925a50747700634d96a0e709e7c3882dac41638f6578a9e7228 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4847 Malicious code in libxslt1-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 01dca888124ebee488c3fdffe46760b8062c7b090ec88b917cf55144e2f46289 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4826 Malicious code in ember-reactive-decorators (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d84c1b54fe2e6e15578eaa4b72424dfaea95f68c7a2f8c9107d9d031dd0f8ae6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-49009 Para Inserts Sensitive Information into Log File for Facebook authentication

Para is a multitenant backend server/framework for object persistence and retrieval. A vulnerability that exists in versions prior to 1.50.8 in FacebookAuthFilter.java results in a full request URL being logged during a failed request to a Facebook user profile. The log includes the user's access...

MAL-2025-4672 Malicious code in @sasmeee/demoupload2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 010f01398a3d762a2f78d4620f4495c5cf865adc1d236a2c1b5f637a8429cf18 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4676 Malicious code in @sasmeee/test-theme (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 67fed36f82c28952db0d301720c1d3e6a90d1c74f3c0ed4442b8731b1c9fc4e8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4649 Malicious code in nodyne (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ba16ef861090c23b958fabcd5d99446ac8605df4f4eacdb52bb885d11c03f480 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4634 Malicious code in vite-logging-patchers (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad6175bd8f5029571f264ac2f7c183d7d37e0d212c2389e025a9607ff8046f31 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4463 Malicious code in airdrop-interface-ad (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8b659b04caefd64c23fa0ab168a39c3230fcb5fd6eaf85213608b60479faf32f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4397 Malicious code in rth-host-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9f0cc579318821b02f953f5352cd75b9821dce3effb14a8e80f8b0ce416e77f5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4400 Malicious code in seatable (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 534db55497a58d9007903dfa5dfe418fd37c2ab3ef4a8a47567e44e3a7ada101 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4342 Malicious code in estatement-fe (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f2d1698e2eb52857509dec5140bc7c61a137d2005a1c097bdb0cbab9d5c1e77a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4305 Malicious code in blog-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4e572e251b32145d6856f8000dca0bbf112278ecc3f967ed61626010e0a0f9c5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4324 Malicious code in com.unity.netcode.gameobjects (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 131cc29f9c925613b77fd6e6c06f43433bdc5a9511461af56fd519562408c3c0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2019-12504

Due to unencrypted and unauthenticated data communication, the wireless presenter Inateck WP2002 is prone to keystroke injection attacks. Thus, an attacker is able to send arbitrary keystrokes to a victim's computer system, e.g., to install malware when the target system is unattended. In this wa...

MAL-2025-4098 Malicious code in lol-rp-raffle (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 00025362df4c28b05b43b7f7d4ef05b04b5ca52287e9d1df8b20426c4d68d0a1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4136 Malicious code in typescri (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38f04c3fc11a28f8c6d0deae7aa58501ba6e77e2641fac6e541e6ced55c8928c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4089 Malicious code in human-readable-time-formatter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9c9a8186838a4df771f127895d5aee834c26caebf7c60379f604464fc1f33356 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...