Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

12 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.1 views

EUVD-2022-0373

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00433EPSS
Exploits1References4
RedhatCVE
RedhatCVEadded 2025/05/23 1:17 a.m.6 views

CVE-2022-38883

The d8s-math for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...

9.8CVSS6.9AI score0.00433EPSS
Exploits1References1
Veracode
Veracodeadded 2022/09/20 5:1 a.m.19 views

Remote Code Execution (RCE)

d8s-math is vulnerable to remote code execution. The vulnerability exists because the library does not properly handle the package upload mechanism, allowing an attacker to inject and execute malicious packages...

9.8CVSS9.7AI score0.00433EPSS
Exploits1References4Affected Software1
OSV
OSVadded 2022/09/19 4:15 p.m.10 views

CVE-2022-38883

The d8s-math for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...

9.8CVSS6.9AI score
Exploits0References3
ATTACKERKB
ATTACKERKBadded 2022/09/19 4:15 p.m.2 views

CVE-2022-38883

The d8s-math for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...

9.8CVSS5.8AI score0.00433EPSS
Exploits1References4
OSV
OSVadded 2022/09/19 4:15 p.m.2 views

PYSEC-2022-43121

The d8s-math for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...

9.8CVSS7.2AI score
Exploits0References3
PyPA
PyPAadded 2022/09/19 4:15 p.m.5 views

PYSEC-2022-43079

The d8s-math for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...

9.8CVSS7AI score0.00433EPSS
Exploits1References4Affected Software1
OSV
OSVadded 2022/09/19 4:15 p.m.0 views

PYSEC-2022-43079

The d8s-math for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...

9.8CVSS5.9AI score
Exploits0References3
CVE
CVEadded 2022/09/19 3:30 p.m.39 views

CVE-2022-38883

CVE-2022-38883 concerns the Python package d8s-math on PyPI, with the democritus-strings backdoor in version 0.1.0. The vulnerability, as described by multiple sources (NVD/Red Hat/OSV/Veracode/PYSEC advisories), enables potential remote code execution via the package download/upload mechanism, w...

9.8CVSS9.4AI score0.00433EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologiesadded 2022/09/19 12:0 a.m.1 views

PT-2022-37384 · Pypi · Democritus-Strings +1

Name of the Vulnerable Software and Affected Versions: d8s-math version 0.1.0 Description: The issue concerns a potential code-execution backdoor inserted by a third party into the d8s-math package for Python, distributed on PyPI. The backdoor is identified as the democritus-strings package...

9.8CVSS7.2AI score
Exploits0References4
CNNVD
CNNVDadded 2022/09/19 12:0 a.m.1 views

Democritus Project 代码问题漏洞

Democritus Project is a collection of simple, effective, modular, fully tested and well-documented features from Democritus, Inc. A security vulnerability exists in Democritus Project d8s-math version 0.1.0, which stems from the presence of a potential code execution backdoor inserted by a third...

9.8CVSS8.8AI score0.00433EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2022/09/19 12:0 a.m.3 views

PT-2022-24608 · Unknown +1 · Democritus-Strings +1

Name of the Vulnerable Software and Affected Versions: d8s-math version 0.1.0 Description: The d8s-math for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. Recommendations: For version 0.1.0,...

9.8CVSS9.6AI score0.00433EPSS
Exploits1References7
Rows per page
Query Builder