Lucene search
K

8 matches found

OSV
OSV
added 2026/06/23 2:46 p.m.8 views

MAL-2026-6303 Malicious code in react-simple-utils-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 038aa6bccd8008fec1f309d718e53dd4b89e4ca15a976c6a80652e0dd58a5b58 Package advertises itself as 'a simple date formatting utility for React projects' 3-function index.js, but ships a postinstall.js that runs on every...

5.9AI score
Exploits0References17
CNNVD
CNNVD
added 2026/06/04 12:0 a.m.8 views

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device produced by Acer of Taiwan, China. The Acer M6E has a security vulnerability, which stems from the IDOR vulnerability in the summary service endpoint. This vulnerability fails to verify the user’s ownership of the hardware serial number,...

5.4CVSS5.3AI score0.00138EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/01/05 8:25 a.m.136 views

vpn_exploitation_tool

AD + Citrix VPN Data Harvester Modular Java tool for testing...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/01/06 12:49 p.m.5 views

Malicious code in solanacore (npm)

The package contains several malicious PowerShell and VBS scripts used to harvest browser data, take screenshots, log keystrokes, and establish startup persistence. It also bundles a password stealer and exfiltrates stolen data via Slack and Discord webhooks. --- -= Per source details. Do not edi...

7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/08/30 12:0 a.m.4 views

PT-2024-40533 · Microsoft +2 · Windows +2

Name of the Vulnerable Software and Affected Versions: gratient version 0.5 Description: The issue concerns a user-facing library used for generating color gradients of text, which contained obfuscated, malicious code in version 0.5. This malicious code targets Windows platforms, harvesting...

8.7CVSS7AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/01/03 12:0 a.m.3 views

PT-2024-40896 · Microsoft +2 · Windows +2

Name of the Vulnerable Software and Affected Versions: gratient version 0.5 Description: The issue concerns malicious code embedded in the library, which targets Windows platforms. This code is capable of harvesting information and credentials from the user's system and sending them to a remote...

7AI score
Exploits0References3
The Hacker News
The Hacker News
added 2023/01/09 8:47 a.m.2 views

Malicious PyPI Packages Using Cloudflare Tunnels to Sneak Through Firewalls

In yet another campaign targeting the Python Package Index PyPI repository, six malicious packages have been found deploying information stealers on developer systems. The now-removed packages, which were discovered by Phylum between December 22 and December 31, 2022, include pyrologin,...

7.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/10/28 10:52 a.m.12 views

data-harvest.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-691655 Description| Value ---|--- Affected Website:| data-harvest.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| hidden until disclosure Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| hidd...

0.1AI score
Exploits0
Rows per page
Query Builder