Lucene search
+L

367 matches found

ossf
ossf
added 2025/11/12 4:29 a.m.4 views

Malicious code in blitz-nodejs-postcss-umbra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45892fb45c9f93ca8fd5b90a65388042f2205a48413aa509a34733d2c1d972cd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
ossf
ossf
added 2025/11/12 4:29 a.m.4 views

Malicious code in standard-aquarius-css-loader-webdriver-mocha (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec05f0a48a6171709e472121b4da1b9b84e2fb0444facebb8acd27d908e38b1b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
osv
osv
added 2025/11/12 4:29 a.m.3 views

MAL-2025-139954 Malicious code in bellatrix-protractor-fomalhaut-css-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f4aa076d16605f852f34a40ab150b55bcd62c3c8df33c8f1fa61916e50f8113 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
osv
osv
added 2025/11/12 4:29 a.m.2 views

MAL-2025-142436 Malicious code in fetch-celeste-link-quantum (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ecd7a1846ff262e5c7b508f4b84abf81c837205c5ccd7d9dc7f3b32ee0d35ea0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
osv
osv
added 2025/11/12 4:29 a.m.4 views

MAL-2025-142515 Malicious code in firebase-server-miranda-jupiter (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector beb4a7fb178cd7eadc112d909aa87f187fb04dd8148d9afd9a0ff5227a5d61e5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
osv
osv
added 2025/11/11 8:46 p.m.3 views

MAL-2025-126564 Malicious code in fitri-gulai24-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11f4158c6be66fe91dc41a974e941ee78ea87955acb0d90e7e33eb2586ac4f89 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
osv
osv
added 2025/11/11 3:19 p.m.3 views

MAL-2025-116258 Malicious code in oktafian-getas91-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2e03984e55331ff69b3362fc64ecd66671c4eaa6db194722ba935941e9c91ace This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
osv
osv
added 2025/11/11 7:44 a.m.2 views

MAL-2025-103099 Malicious code in genuine_herring-notthedevs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18d29369f456300a389ed83a5095cf4080e0949835123621b77fced63f079cce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
ossf
ossf
added 2025/11/11 3:48 a.m.3 views

Malicious code in indah-jus94-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector faa5a069f51b4b31e0dead11e38de0753c2bfb9e4644af40653edc95b952f6df This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
ossf
ossf
added 2025/11/11 2:29 a.m.3 views

Malicious code in tiara-gaplek54-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5030c856d5dd632f32549bf04836aca20e24da73b598b3d987d2aa921add2edc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
ossf
ossf
added 2025/11/11 12:41 a.m.1 views

Malicious code in hurt-aquamarine-cephalopod (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d639ab780f7d703fa2d1acae8ca34701ced21d79f8997e8f70239b771c3863c2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
ossf
ossf
added 2025/11/10 5:18 a.m.2 views

Malicious code in okta-naget14-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc5842bd4c0b94889e4d9d5828769e49a13b6f4fb13ae1a4738b0e1458378a58 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
ossf
ossf
added 2025/11/10 5:18 a.m.3 views

Malicious code in rifqi-lapis6-ruro (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fd6550c6acadd642ca3e6aeb276c5438a4fe223fe333d934dce55bf645951b54 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
cnnvd
cnnvd
added 2025/10/23 12:0 a.m.6 views

Rollbar.js 安全漏洞

Rollbar.js is a bug tracking and logging library from Rollbar open source. A security vulnerability exists in Rollbar.js versions prior to 2.26.5 and versions prior to 3.0.0-alpha1 through 3.0.0-beta5, which stems from a prototype contamination in the merge function that could lead to malicious...

5.9CVSS6.4AI score0.00358EPSS
Exploits0References5
cnnvd
cnnvd
added 2025/10/18 12:0 a.m.5 views

WordPress plugin WP Go Maps 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

5.3CVSS6.7AI score0.00217EPSS
Exploits0References5
cnnvd
cnnvd
added 2025/10/15 12:0 a.m.5 views

SvelteKit 安全漏洞

SvelteKit is a set of Svelte open source web development framework. A security vulnerability exists in SvelteKit 2.27.3 and earlier versions, which stems from prototype contamination in the parseFormData function in formData.js, which could lead to a denial of service, type obfuscation, and...

8.3CVSS7.6AI score0.00516EPSS
Exploits0References3
packetstormnews
packetstormnews
added 2025/10/14 12:0 a.m.50 views

PromptLocate: Localizing Prompt Injection Attacks

Prompt injection attacks deceive a large language model into completing an attacker-specified task instead of its intended task by contaminating its input data with an injected prompt, which consists of injected instructions and data. Localizing the injected prompt within contaminated data is...

7.2AI score
Exploits0
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-11155

Malware in sbrugna...

5.1CVSS6.4AI score0.00245EPSS
Exploits1References5
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2012-2943

Malware in sbrugna...

7.5CVSS6.2AI score0.01616EPSS
Exploits0References6
cnnvd
cnnvd
added 2025/10/06 12:0 a.m.6 views

Flag Forge 访问控制错误漏洞

Flag Forge is an easy-to-use CTF platform open-sourced by FlagForge. An access control error vulnerability exists in Flag Forge versions 2.0.0 through prior to 2.3.2, which stems from a lack of authentication and authorization checks in the /api/admin/badge-templates and...

9.4CVSS6.7AI score0.00427EPSS
Exploits0References2
Rows per page
Query Builder