15486 matches found
MAL-2025-5722 Malicious code in react-fixtures-ssr (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d710afc7119dec419c22aa6e052c351680e8510317df2c1ea02c3ab56eec3bf4 Any computer that has this package installed or running should be considered...
DEBIAN-CVE-2025-38119
In the Linux kernel, the following vulnerability has been resolved: scsi: core: ufs: Fix a hang in the error handler ufshcderrhandlingprepare calls ufshcdrpmgetsync. The latter function can only succeed if UFSHCDEHINPROGRESS is not set because resuming involves submitting a SCSI command and...
MAL-2025-5592 Malicious code in comcastapp (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 31612a7938787ffe91079ad30056051f31a068066752a935bc2123267f409730 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5609 Malicious code in pupeteer-cluster-helper (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1fe95354a3e77909ce12723e8b6920602c16294ebe131716c947de18ed799d18 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5597 Malicious code in @figshare/old-viewers (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b582af08f54b24b027eb8ffb5e56e63e4efff4c947ef2abb5fc552a7476539d3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in poseidon-validate (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 90aead430e86dd9f204e1a8db7e6adb050c5eeae8a938c3d570991ebac4c8ac4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5608 Malicious code in poseidon-validate (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 90aead430e86dd9f204e1a8db7e6adb050c5eeae8a938c3d570991ebac4c8ac4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5612 Malicious code in grafana-lokiexplore-app (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1cc39d2244f7b9883cfc8aab3dbe6a56ff2c2fc6469f5b351b1321c1670f261f Any computer that has this package installed or running should be considered...
The vulnerability of the drivers/scsi/lpfc component in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the drivers/scsi/lpfc component in Linux operating systems is related to the simultaneous execution using shared resources with incorrect synchronization. Exploiting this vulnerability can allow an attacker to cause service failures...
MAL-2025-5536 Malicious code in @frontend-clients/core (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 09d9aaa390d29f17fb6be0a0f730c5806ca1179876940237e6319d1378d0fbd3 Any computer that has this package installed or running should be considered...
MAL-2025-5534 Malicious code in grafana-pyroscope (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 60f047f0a854cfa17b3119b25caf2e1a95069686aa77470689c2cfb55cddf1e0 Any computer that has this package installed or running should be considered...
Malicious code in hardhat-deploy-notification (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d2081250ac75574ee18ddea2caa510104e94d2673de1ad4fa445d96559d2a1f4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5559 Malicious code in hardhat-deploy-notification (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d2081250ac75574ee18ddea2caa510104e94d2673de1ad4fa445d96559d2a1f4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5544 Malicious code in chunk-validation (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e2ede01f53bb06fadc20c1b7cca9c6d00685c017c3d99901a5cd8791140e2ddd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5583 Malicious code in solana-dextrade-parser (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6b8f89467fb69d00785530ca32444043368fe523570c7f428d485319782d845a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5550 Malicious code in dotenv-log (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 983b0b06a5013d619d699ddcdaf39ce8118a63537d7243760571684111b2c921 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in json-cookie-jar (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 41f728e1c9ab68496a0fe986aed6d7eeb7a4ed694379b812a032240c95e2e39b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in bonnet-ltd (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 90d8066c671e4c70fdd26ffc5ac6d901d34541c2cff4aaaf2c118c977078aec4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5574 Malicious code in queshymouse (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c9ed49fc5c8d51a6b30914c50d0accfc41ed0ff18c278024d7305959eb9a7906 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in discord-rpc-presence (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 643ae80a9f56002d18b03d93bba332b1c1c49c5d45f995a1269030b4a3c90b7e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...