15487 matches found
MAL-2025-4612 Malicious code in react-native-google-acm (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3987a453bfe3f7164232221b3a1a0f9c3c182a6581cf7a9241f4fbb7e77af649 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4606 Malicious code in simpledep2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 785bcea7a5a8db24e8f8da4bf42202ea0b4bc0a1628446dd0c5275e964bc422e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4671 Malicious code in @fronteg/react (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a00cbd466b7c4e34b73a25864bfbbf1d649af40b160cff27b859d85074a74fd7 Any computer that has this package installed or running should be considered...
CVE-2025-5297
A vulnerability, which was classified as critical, has been found in SourceCodester Computer Store System 1.0. This issue affects the function Add of the file main.c. The manipulation of the argument laptopcompany/RAM/Processor leads to stack-based buffer overflow. An attack has to be approached...
Malicious code in motion-exts (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 601e06f31b115364fdcbdd0d794fb32ea363fdf0fcd281f3ce7f332b6337b8d2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4598 Malicious code in motion-exts (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 601e06f31b115364fdcbdd0d794fb32ea363fdf0fcd281f3ce7f332b6337b8d2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-48381
Computer Vision Annotation Tool CVAT is an interactive video and image annotation tool for computer vision. In versions starting from 2.4.0 to before 2.38.0, an authenticated CVAT user may be able to retrieve the IDs and names of all tasks, projects, labels, and the IDs of all jobs and quality...
CVE-2025-48381 CVAT has information disclosure via browsable API
Computer Vision Annotation Tool CVAT is an interactive video and image annotation tool for computer vision. In versions starting from 2.4.0 to before 2.38.0, an authenticated CVAT user may be able to retrieve the IDs and names of all tasks, projects, labels, and the IDs of all jobs and quality...
MAL-2025-4594 Malicious code in blesx (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3e5b8fa8d08e2e5e4608dc0698b4e0e20ce49e1c93bfdbb4b37334cda83f5f6f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in blesx (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3e5b8fa8d08e2e5e4608dc0698b4e0e20ce49e1c93bfdbb4b37334cda83f5f6f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4603 Malicious code in safe-query-buffer (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 11febcd6756020266de031e6231af5b64b843075b41d5a57eee5646f44978a19 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Computer Vision Annotation Tool 安全漏洞
Computer Vision Annotation Tool CVAT is a cvat.ai open source interactive video and image annotation tool for computer vision. A security vulnerability exists in Computer Vision Annotation Tool versions prior to 2.4.0 through 2.38.0, which stems from the possibility that an authenticated user may...
MAL-2025-4590 Malicious code in rest-icon-provider (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c1df42e0b9f4ff541c485fd5c4bb6ebabd85ce2a7aec08ffd4a6234650332ac9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in rest-icon-provider (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c1df42e0b9f4ff541c485fd5c4bb6ebabd85ce2a7aec08ffd4a6234650332ac9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4589 Malicious code in pancakeswap-oracle-prediction (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3439b65dc3de1c6c43d4ec5ae0e3db4a1fe713e0606f8dc3037ad22dd5741467 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Iranian Hacker Pleads Guilty in $19 Million Robbinhood Ransomware Attack on Baltimore
An Iranian national has pleaded guilty in the U.S. over his involvement in an international ransomware and extortion scheme involving the Robbinhood ransomware. Sina Gholinejad aka Sina Ghaaf, 37, and his co-conspirators are said to have breached the computer networks of various organizations in...
CVE-2025-5297
A vulnerability, which was classified as critical, has been found in SourceCodester Computer Store System 1.0. This issue affects the function Add of the file main.c. The manipulation of the argument laptopcompany/RAM/Processor leads to stack-based buffer overflow. An attack has to be approached...
CVE-2025-5297
A vulnerability, which was classified as critical, has been found in SourceCodester Computer Store System 1.0. This issue affects the function Add of the file main.c. The manipulation of the argument laptopcompany/RAM/Processor leads to stack-based buffer overflow. An attack has to be approached...
CVE-2025-5297
CVE-2025-5297 affects SourceCodester Computer Store System 1.0; the Add function in main.c is vulnerable due to a stack-based buffer overflow when processing the argument laptopcompany/RAM/Processor. The issue requires local access to exploit. Multiple sources confirm the detail and indicate a la...
CVE-2025-5297 SourceCodester Computer Store System main.c Add stack-based overflow
A vulnerability, which was classified as critical, has been found in SourceCodester Computer Store System 1.0. This issue affects the function Add of the file main.c. The manipulation of the argument laptopcompany/RAM/Processor leads to stack-based buffer overflow. An attack has to be approached...