15486 matches found
MAL-2025-4739 Malicious code in db-prod-interno (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6e74e2b29ed3bfab5c8c71abca03cf2cdd9b065043c14def8d9db5f65d41c60b Any computer that has this package installed or running should be considered...
MAL-2025-4754 Malicious code in nginx-internal (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5a0f4d116d3fd75c3c8061c91010e1f912625a9860c89e5af3d3c912296d06de Any computer that has this package installed or running should be considered...
MAL-2025-4763 Malicious code in samba-core (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2ac75992403506206a4cac9274cfd007d488518e22ee13ded71dc02282208b71 Any computer that has this package installed or running should be considered...
MAL-2025-4732 Malicious code in bsamba (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fbd80a32e0db7567c4cdb3ae72a88e248bebdf428ab9979e0c7ed4456a4399f3 Any computer that has this package installed or running should be considered...
MAL-2025-4759 Malicious code in prod-interno (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4035c6d117b770c0967c5755bf98b52e5b1545995f5af7e8d0f470556b0b4373 Any computer that has this package installed or running should be considered...
MAL-2025-4765 Malicious code in staging-tools (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 061358db77d2084ccc01236a956a493bd28d6e2f975a14bcd9651699a3eaf352 Any computer that has this package installed or running should be considered...
MAL-2025-4747 Malicious code in internal-auth (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a6993797579f8f069d60fca14d78ba83e317c578b85e1d0d6c89b395247d0bf1 Any computer that has this package installed or running should be considered...
MAL-2025-4733 Malicious code in c2pa-js (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8983a214dc0d52693f13d8a50f2e5d171641b4b847ce37ea539b48f94971e5e0 Any computer that has this package installed or running should be considered...
MAL-2025-4767 Malicious code in tcp-app-activation-react (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a8b8acee879d06b50ea282023a2896ab53ab591f61f99513e23bc3a582e3bc1d Any computer that has this package installed or running should be considered...
MAL-2025-4727 Malicious code in ach-spa-facephi (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dd75f718721082889a41c284f8f6a36bc2940f0041d4ff2257a7065e040b7d9c Any computer that has this package installed or running should be considered...
QualitEye: Public and Privacy-Preserving Gaze Data Quality Verification
Gaze-based applications are increasingly advancing with the availability of large datasets but ensuring data quality presents a substantial challenge when collecting data at scale. It further requires different parties to collaborate, therefore, privacy concerns arise. We propose QualitEye--the...
Combating Reentrancy Bugs on Sharded Blockchains
Reentrancy is a well-known source of smart contract bugs on Ethereum, leading e.g. to double-spending vulnerabilities in DeFi applications. But less is known about this problem in other blockchains, which can have significantly different execution models. Sharded blockchains in particular general...
MAL-2025-4704 Malicious code in stake-config (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 505bc2ea5f7bcdaeafd338ab86be15a36425335f5d45c1b2d5d03d43068ab07f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-49009 Para Inserts Sensitive Information into Log File for Facebook authentication
Para is a multitenant backend server/framework for object persistence and retrieval. A vulnerability that exists in versions prior to 1.50.8 in FacebookAuthFilter.java results in a full request URL being logged during a failed request to a Facebook user profile. The log includes the user's access...
MAL-2025-4735 Malicious code in conventional-changelog-action (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 824c344ea468bb338b2b69885de649068ca830ed86879b6b8d0142a646097470 Any computer that has this package installed or running should be considered...
MAL-2025-4678 Malicious code in @sasmeee/wabetainfo (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7027d0725ce64bc70ef8e7bfcafb2c6d3bf6101d0c98cf6d2e52f59a04fd87ad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in @sasmeee/igdl (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 50d2d88fbf066d2cf61e4e0c78589fb68f9b35f261c3ee3bf1c852cb431272ed Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4672 Malicious code in @sasmeee/demoupload2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 010f01398a3d762a2f78d4620f4495c5cf865adc1d236a2c1b5f637a8429cf18 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4676 Malicious code in @sasmeee/test-theme (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 67fed36f82c28952db0d301720c1d3e6a90d1c74f3c0ed4442b8731b1c9fc4e8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in pizza-delivery (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 32883280f27dee6f08c25f84fa750e17fad3b3193488b14da6a77cddf52ef582 Any computer that has this package installed or running should be considered...