Oracle REST Data Services 安全漏洞

Oracle REST Data Services is a middleware tool provided by Oracle Corporation in the United States, which exposes features of the Oracle database to applications through RESTful APIs. Versions 24.2.0 to 26.1.0 of Oracle REST Data Services have security vulnerabilities. These vulnerabilities stem...

WordPress plugin Download Manager 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

WordPress plugin EmailKit – Email Customizer for WooCommerce & WP 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added to a...

WordPress plugin Phrase TMS Integration for WordPress has security vulnerabilities.

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...

MAL-2025-187206 Malicious code in graphql-nightmare-css-loader-abiogenesis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 827a1eab8ee4f7a8518854247fd592f6a76ba721ba6900d144ce9f687b27a255 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in dynamo-mini-css-extract-plugin-cosmicsilence-frontend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce8e478555161d23346f7ff922f8c5628d28d7fb3aafb9004466f99613fec9ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-180204 Malicious code in teate-thy-sonic-bocbew (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b895382fb113fb750c07308afd3e564c99a2238e4aa432ac781075812e271335 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in aimanfouad (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 55fe8606b42f35946671f16161e3879f69cf5f8a0dd5c7e5b16ff8002dbb801a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in aben-poke18 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fbe22a33b98069b266d21f4ff1a202050e8385870edc55e75f9db9a7ee39de7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in algol-telesto-apex-chariklo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 425b83e13d92f3becda19f44cce35a2acd7176f48142e6269f60842582d3f0da This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-146939 Malicious code in quark-toml-iota-nashira (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7c32721632d64f23304482bb6565212889262dac6c7be4198546fa527e9be39 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-131439 Malicious code in xaver-mieayam65-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76056375238c15cd2e104a57815c9f4caa7a2941ee74fdb1e2d217b6aa5a0025 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in civic_deer_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3992abfcc3100c2cd48b0e9490c3081e6da7a415eedba9a6572a880e650c7127 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in few_ox_fuchsia-83 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c010b6b8e9da2794fbbf7c5ffb868eb93def9e759310026724bec71ca7a5aace This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-85664 Malicious code in fitri-tomat56-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5df197212ef937b35e0c4e30ed558d305880a997fe6ca138c04004308e3fc670 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in gilang-taiwan57-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d42f1eafe2d7b9b9a64fa55c168a141608846318d44ac167075650fb596b642 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-69273 Malicious code in male-bronze-anglerfish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 59ade0606a2f17268e3219ac5dfe59687f358465ed6f11f3262d0766f261994a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

CVE-2025-53064

Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite component: Personalization. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applications...

EUVD-2025-24446

Malicious code in bioql PyPI...

mysql: InnoDB unspecified vulnerability (CPU Jul 2025)

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...