15485 matches found
MAL-2025-6360 Malicious code in cookie-loggo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware da95f02fa18d6bce342117ad163fbd0ee6a196cac3b261f5a3592eed8ac7985a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in cookie-loggo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware da95f02fa18d6bce342117ad163fbd0ee6a196cac3b261f5a3592eed8ac7985a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @kodane/patch-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b7695fde6cc3a35bd130bcdcc096ef89e7ce312c36cd9e0a15ec986d9f516873 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2025-31394 · Cvat · Cvat
Name of the Vulnerable Software and Affected Versions: CVAT versions 1.1.0 through 2.41.0 Description: CVAT is an open source interactive video and image annotation tool for computer vision. Email verification was not enforced when using Basic HTTP Authentication in versions 1.1.0 through 2.41.0,...
Malicious code in storybook-core-core-server-presets-0 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c26c4c0005ab8afcf7090a2e281324e67b2250f8a69956e559c51775ec00efca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6342 Malicious code in request-helmet (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 240e3c0e344b97358f5f4788bec6e5e1e1466f45e62d14e98953182412e0827f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6344 Malicious code in tailwind-theme-colors (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 800ed10781a721a0031fd7d044868ae828f7d28ce7f12d2953af3b6bfa3e3412 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in vite-plugin-js-support (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 623ab60cdb0568726940f6f7f51b62cad9f69bd835cbf4e9a0fcbda0530a307c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6345 Malicious code in vite-plugin-js-support (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 623ab60cdb0568726940f6f7f51b62cad9f69bd835cbf4e9a0fcbda0530a307c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6334 Malicious code in style-postprocessor (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 25f023d8b7876e055cebe61a886a5fea11ea9b7c8eaeda3468cc1b18e27dfbe1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6333 Malicious code in solhint-plugin-lido-csm (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f4e1653573c57f50f3e9d72fc8293e9051133742e8ea749ca7dda26c7eb89375 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6331 Malicious code in bfiweb (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a11eb7ad8cdb090da115fa0307b994c6bfa5d824813589cb551dbb956c8607bf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6318 Malicious code in testinghs (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f9769d7e7fcf228fd4f1667968ced173bd9ba1ea9f2476bd11055f71c461b832 Any computer that has this package installed or running should be considered...
MAL-2025-6304 Malicious code in react-server-dom-turbopack-experimental (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 919b44a54d192c9600403c1ad155e8d4c1652c00f211b52d40f3b61893419ba9 Any computer that has this package installed or running should be considered...
MAL-2025-6305 Malicious code in react-server-dom-webpack-experimental (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a2a08db68343b79c1eb43cde87320c0f9ebf1ad3ab6a4501cc1561d4bc247a94 Any computer that has this package installed or running should be considered...
MAL-2025-6244 Malicious code in jet-os-detection (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ae12c732362620c804ce4ff9fc2e85cd4f861a8084f6b9016fe67ce31b57c955 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in preset-classic (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c8120ab1c8e211545c22d69165ccd550b96bd77fa18731c412d73f2c2a36640 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6235 Malicious code in tnet-dps (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 45ed1abbbf74a45b20d6fc72505538baf442bd7dc2879cf8958b815f12ccde79 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
IrfanView CADImage Plugin Buffer Overflow Vulnerability (CNVD-2025-16823)
IrfanView CADImage Plugin is a CAD plugin from IrfanView. IrfanView CADImage Plugin suffers from a buffer overflow vulnerability that stems from a lack of validation of user data when parsing CGM files, which can be exploited by an attacker to execute code in the context of the current process...
A Bootiful Podcast: José Paumard, Java developer advocate and professor
Hi, Spring fans! In this installment, recorded at Devoxx UK 2025, I talk to the legendary professor of computer science and legend José Paumard about Java, the ecosystem, and more,...