15485 matches found
MAL-2025-5858 Malicious code in @stride-mfe/wmc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 77cc9defe144c1f3b98ce1ea8f91ca33aaf789c8ed02f2ee137861782c89f711 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5860 Malicious code in @yinc/ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 74db2471c4bf5c01eb2ac82689c8380eceda821e75fc6e60b1455306958ebe31 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5864 Malicious code in symphony-cryptolib (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c8216b9fdde76a4f40936fd19fbe9a3a7d73dcf66ffdde04c6cf54ee965448b9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5850 Malicious code in @cbre-internal/mapping-component (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3eff43200220833028b414d72d609d46c1bf24b68f38bee948abf760729d76e3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5861 Malicious code in aspnet-asset-management (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 068ec09bafae1223e1ebcc83c97b674b7188dd9ca13b5b73d241bccad793bf88 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
The vulnerability of the CADImage plugin in the IrfanView software, which is used for viewing and playing graphic, video, and audio files, allows a hacker to execute arbitrary code.
The vulnerability of the CADImage plugin for viewing and playing graphic, video, and audio files in IrfanView arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafte...
MAL-2025-6127 Malicious code in spl-token-v2 (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e11bf75d7bf296658cc93ae700f5656d24c455151b1cb8db46389ec375fbc286 Any computer that has this package installed or running should be considered...
scsi: ufs: mcq: Add NULL check in ufshcd_mcq_abort()
...
Endress+Hauser MEAC300-FNADE4 SQL Injection Vulnerability
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. The Endress+Hauser MEAC300-FNADE4 suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. An attacker...
SUSE CVE-2025-38289
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Avoid potential ndlp use-after-free in devlosstmocallbk Smatch detected a potential use-after-free of an ndlp oject in devlosstmocallbk during driver unload or fatal error handling. Fix by reordering code to avoid...
MAL-2025-5785 Malicious code in jquery-zoomer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware acbf4e3c76ef6d0551f9bcc3420755fcabf7d985871c714a3ea7cfdcb43a6d94 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in pkgsite (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5342744a43bef74cacd9dd96822d1ef228384fe12a9a4d22fd8cc0a4fcfde6c1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in teeble (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 87deeee00c8045cff04871c3dacb0e761b812fb25c0622a5aa66bc034f16d61d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5797 Malicious code in supabase-react (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d99002d0e83f91ca297ecb91950c973f76ba284c9b63eba89946e9bfac2672de Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6184 Malicious code in nbastatsleftnav (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 514ea2a983874eb46d5517a63e127b2503b1f9a0dc1ffa0a726e5f1dbd7559b1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5778 Malicious code in grafana-polystat-panel (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16c78bb4eab009d5ca0b36e692021c2f9d402df7bef90eb6642dee10f8e69095 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5799 Malicious code in tv-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware addb927c8910ec93507080bad17c52b12df866249c823ceb79970bda06bc74d6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in sqltools-kusto-driver (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0b4f7793f8ffb915758717bd05607ceb0b5f0d1525a564240e518e4191985f95 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5773 Malicious code in dt-internal-linter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a5c720ae7505ae2c4d74c0ce8cea7fdb4961f4de5c0fddc8c485c7b66c87097d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5783 Malicious code in intel-gdb-helpers (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f9e59a0db399c7f1fa0d97b250969ebd703c83cb6c7e03b6ab8a3ec34f67746d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...