Malicious code in blipkitgit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6e899e9940707fc06d8dce8080f1ea4e59dbdfbb122526755ce4006c4e226d92 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-53015 Use After Free in Computer Vision

Memory corruption while processing IOCTL command to handle buffers associated with a session...

CVE-2024-53015 Use After Free in Computer Vision

Memory corruption while processing IOCTL command to handle buffers associated with a session...

CVE-2024-53015

CVE-2024-53015 describes a memory corruption issue in Qualcomm chipsets triggered when processing IOCTL commands to handle buffers for a session. The vulnerability affects IOCTL buffer handling code and is evidenced by multiple feeds (NVD and Red Hat advisories) reporting memory corruption withou...

VPI-Bench: Visual Prompt Injection Attacks for Computer-Use Agents

Computer-Use Agents CUAs with full system access enable powerful task automation but pose significant security and privacy risks due to their ability to manipulate files, access user data, and execute arbitrary commands. While prior work has focused on browser-based agents and HTML-level attacks,...

MAL-2025-4658 Malicious code in terraform-provider-leaseweb (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a4805b99d4eef235ac9d4e28a0c763325dac930bac26423b95e7c74a2f7286df Any computer that has this package installed or running should be considered...

MAL-2025-4651 Malicious code in parabol-action (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d82468091c3a867fd7981eef0555f14edc29822f932782c0fac1bf9e67a15d7e Any computer that has this package installed or running should be considered...

MAL-2025-4634 Malicious code in vite-logging-patchers (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad6175bd8f5029571f264ac2f7c183d7d37e0d212c2389e025a9607ff8046f31 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in log-trap-catch (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9dc12c22fb18702b22d35fa127f4f43058dc50f65393e6bbb1d666b48bb7d905 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in logs-bind (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a1b3e0356557e3a4e1419ab8464c700e9ed6ae5db88ab1e382780b8d2fbe622b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4629 Malicious code in logs-conf (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ef4a1814dc93accc153af6842fac26c03f1a685a3e32f0bba0fa8b91ccd0b2d5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4627 Malicious code in log-trap-catch (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9dc12c22fb18702b22d35fa127f4f43058dc50f65393e6bbb1d666b48bb7d905 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in chromecast-caf-receiver (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware da9e3bcff87fe759eb62b6219f1c17a42827aff60b6c54f8948d49f99ca5d015 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4625 Malicious code in chromecast-caf-receiver (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware da9e3bcff87fe759eb62b6219f1c17a42827aff60b6c54f8948d49f99ca5d015 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in yaml-mcp-wrapper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 63f698f000e6c4702e971dcd3923f64bd9039710fde38e7329b170ba0266ac01 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4632 Malicious code in rose-web3-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 86e7bba39177d14d11698b3ccaeca36599df068894146efc99d0ded173449d9f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4626 Malicious code in cx-hub-interaction-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 17ef553f1f7cb91bd70d99d55deeb1c83c604b68581cbbfaac1f9bddfbdbe6e8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4616 Malicious code in consumerweb-captcha (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b7cee9c3e993b7ea96db267f4f869102dd00139de3ea743914d0273ef165a99a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4653 Malicious code in pkurbatsky-uni-kit (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7dbcb621ff6e34880a313bab99393077ebdbb6915411f35c9648e1741ce502d3 Any computer that has this package installed or running should be considered...

MAL-2025-4614 Malicious code in rosetta-elements (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 223577bf445eef54d28cca3d3d2015b497b5c23838c938f2a48411440b05f614 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...