15485 matches found
Malicious code in internallib_v687 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6318396222e5333ad64494337976e8a02c2b768d761e3cc59c41dcfb18e57570 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6163 Malicious code in get-latest-workflow-artifact (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9d2fe1e8a2dd5f7f462bc112e5e6f5740518b4ade0c28f710ddb195f0415cbdd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6197 Malicious code in scenes-testing (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ede91952fd4d242e34d4fdd634b5d10a0f0d16145af1bfbfe011b8c5c1d02501 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in airbnb-javascript (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8a1d7d33c25e202a6ad49fb54065863092fb024863cb59952744ea002c333bab Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in airbnb-shims (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3f76fda5dc4d9010b0a0adb54190e014c01ed266b27db4335bc079d0035081c8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6147 Malicious code in airbnb-javascript (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8a1d7d33c25e202a6ad49fb54065863092fb024863cb59952744ea002c333bab Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6202 Malicious code in tfjs-backend-nodegl (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f21880e33cab4a48939f274436f6f33953a8b4eaafb7f850ac6492008d81bac8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6193 Malicious code in ppsdkconstants (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fc09f5bfdfd7725488af3e5502891485f650447a780f7e5ad6f839ae7d3120b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6153 Malicious code in axios-hehe (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6e13d64444d4757217cb743320d70709377a6c8e7d19addff182ee6430b42afb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-7275
IrfanView CADImage Plugin CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the...
MAL-2025-6087 Malicious code in dewiz-xyz (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e73eec59fc359ccdddf7aea6963be27ed045429eae410109c1d749dae6761e51 Any computer that has this package installed or running should be considered...
Malicious code in dewiz-xyz-protego (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 12df6549a4cbc6f4567449f311e376161847587f484c17de41234a4475bb0a3e Any computer that has this package installed or running should be considered...
MAL-2025-6018 Malicious code in vite-lightsparse (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 10e940b9ceb264d366ff66c1c0dcdb57cf63b7a7664ff61db7b18a4523944e4b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6017 Malicious code in evmlogger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e7f613dff9c5a8240615af13856874523566cf158ec5fb8209a17f98b2359c50 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6019 Malicious code in websyncer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f28928dae23e5b709d60631f287c84a15f4bf8bf64751f67c67ac46659174837 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
IrfanView CADImage Plugin 缓冲区错误漏洞
IrfanView CADImage Plugin is a CAD plugin from IrfanView, Inc. IrfanView CADImage Plugin suffers from a buffer error vulnerability that stems from a lack of validation of user-supplied data when parsing CGM files, which could lead to out-of-bounds reading and execution of arbitrary code...
IrfanView CADImage Plugin 缓冲区错误漏洞
IrfanView CADImage Plugin is a CAD plugin from IrfanView. IrfanView CADImage Plugin suffers from a buffer overflow vulnerability that stems from a lack of validation of user-supplied data when parsing CGM files, which can be exploited by an attacker to execute code in the context of the current...
IrfanView CADImage Plugin 缓冲区错误漏洞
IrfanView CADImage Plugin is a CAD plugin from IrfanView. IrfanView CADImage Plugin suffers from a buffer overflow vulnerability that stems from a lack of validation of user-supplied data when parsing CGM files, which can be exploited by an attacker to execute code in the context of the current...
IrfanView CADImage Plugin 缓冲区错误漏洞
IrfanView CADImage Plugin is a CAD plugin from IrfanView. IrfanView CADImage Plugin suffers from a buffer overflow vulnerability that stems from a lack of validation of user data when parsing CGM files, which can be exploited by an attacker to execute code in the context of the current process...
Microsoft PC Manager Access Control Error Vulnerability (CNVD-2025-17139)
Microsoft PC Manager is a computer management software from Microsoft USA, which can be used for one-click acceleration, system space management, pop-up window management, and comprehensive physical examination. An access control error vulnerability exists in Microsoft PC Manager. An attacker can...