Lucene search
+L

162 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/10 10:8 a.m.4 views

Malicious code in @pa-client/power-code-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 60c9037c2e5ca709c20fd2beb65a40e9649cbc3735c1989647ba5aae2889672d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/09/05 8:58 p.m.7 views

com.azavea.geotrellis:geotrellis-server-core_2.11 (>=4.0.1 <=4.2.0), com.azavea.geotrellis:geotrellis-server-ogc_2.11 (>=4.0.1 <=4.2.0) +145 more potentially affected by CVE-2025-58369 via co.fs2:fs2-io_2.11 (>=1.0.0-M1 <=1.1.0-M1)

co.fs2:fs2-io2.11 MAVEN version =1.0.0-M1, =4.0.1, =4.0.1, =4.0.1, =0.4.0, =0.4.0, =5.0.0, =2.0.0, =1.1.0, =1.0-M1, =0.10.0, =0.11.0, =0.1.0, =0.0.3, =0.0.3, =0.0.8 and more Source cves: CVE-2025-58369 Source advisory: OSV:GHSA-RRW2-PX9J-QFFJ...

5.3CVSS5.8AI score0.00398EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/05 5:10 p.m.3 views

Malicious code in html-webpack-plugin-babel-express-inquirer (npm)

The package html-webpack-plugin-babel-express-inquirer was found to contain malicious code...

7AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 10:33 a.m.5 views

Net::Dropbear versions through 0.16 for Perl contains a dependency that may be susceptible to an integer overflow

...

6.5CVSS7AI score0.00275EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/26 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-10753

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse- cdt, and all versions prior to version 3.0.1 for...

5.9CVSS6.3AI score0.00724EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/08/14 6:52 p.m.11 views

change-object (=0.0.0), cli-qa (=2.0.0) +7 more potentially affected by unknown CVE via run-serially (=0.0.0)

run-serially NPM version =0.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on run-serially and may be impacted: - change-object =0.0.0 - cli-qa =2.0.0 - comma-list =0.0.0 - fd-select =1.0.0 - frp-tick =1.0.0 - innkeeper =1.0.4 - limited-parallel-loop...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/12 9:40 a.m.14 views

app.cash.lilbitcoinj:lilbitcoinj-core (>=0.0.2 <=0.0.3), app.cash.lninvoice:ln-invoice (>=0.0.1 <=0.0.6) +1309 more potentially affected by CVE-2025-8885 via org.bouncycastle:bcprov-jdk15to18 (>=1.63 <=1.77)

org.bouncycastle:bcprov-jdk15to18 MAVEN version =1.63, =0.0.2, =0.0.1, =0.2.9, =0.1.0, =0.2.1, =0.2.0, =1.0.0, =1.0.1, =0.2.0, =0.2.0, =1.0.0.RELEASE, =1.0.0, =1.0.0.RELEASE, =2.7.0 and more Source cves: CVE-2025-8885 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11777845...

6.3CVSS6.6AI score0.00541EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/07/16 12:30 p.m.9 views

africa.absa:inception-application (>=1.0.0 <=1.2.0), ai.ancf.lmos-router:benchmarks (>=0.2.0 <=0.28.0) +5879 more potentially affected by CVE-2025-22227 via io.projectreactor.netty:reactor-netty-http (>=1.0.0 <=1.2.7)

io.projectreactor.netty:reactor-netty-http MAVEN version =1.0.0, =1.0.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.6.0 - ai.ancf.lmos:lmos-router-hybrid =0.1.0 - ai.ancf.lmos:lmos-router-hybrid-spring-boot-starter =0.1.0 - ai.ancf.lmos:lmos-router-llm =0.1...

6.1CVSS6.3AI score0.0034EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/07/15 2:26 p.m.13 views

be.atbash.test:integration-testing (=2.2.0), be.atbash.test:integration-testing-database (=2.2.0) +641 more potentially affected by CVE-2025-48795 via org.apache.cxf:cxf-core (>=4.0.0 <=4.0.6)

org.apache.cxf:cxf-core MAVEN version =4.0.0, =1.0.0, =12.1-7-21, =0.0.1, =2.70.0, =2.71.1 - com.codbex.kronos:codbex-kronos-commons =2.70.0 - com.codbex.kronos:codbex-kronos-components-api-parent =2.69.0 - com.codbex.kronos:codbex-kronos-components-engine-xsjob =2.69.0 and more Source cves:...

5.6CVSS6.5AI score0.00624EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/07/14 12:0 a.m.4 views

PT-2025-29518 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.5 Description: WeGIA is an open source web manager designed for the Portuguese language and charitable institutions. A SQL Injection vulnerability exists that allows the execution of arbitrary SQL commands,...

10CVSS7.4AI score0.00462EPSS
Exploits1References7
vulnersOsv
vulnersOsv
added 2025/06/10 7:54 a.m.10 views

ai.chronon:flink_2.12 (>=0.0.62 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91), ai.chronon:online_2.11 (>=0.0.25 <=revert-391-thread-0.0.24) +5770 more potentially affected by CVE-2025-27819 via org.apache.kafka:kafka-clients (>=2.0.0 <=3.9.0)

org.apache.kafka:kafka-clients MAVEN version =2.0.0, =0.0.62, =0.0.25, =0.0.25, =0.0.25, =0.0.86, =0.0.86, =0.0.1, =0.0.1, =thread-pool-0.0.24-dev, =0.0.6, =1.0.6, =1.0.6, =0.0.2, =0.3.0 and more Source cves: CVE-2025-27819 Source advisory: SNYK:JAVA-ORGAPACHEKAFKA-10350513...

7.5CVSS6.6AI score0.00878EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/06/06 3:49 p.m.8 views

com.erudika:para-jar (>=1.30.0 <=1.50.7), com.erudika:para-war (>=1.24.4 <=1.49.5) potentially affected by CVE-2025-49009 via com.erudika:para-server (>=1.24.4 <=1.50.7)

com.erudika:para-server MAVEN version =1.24.4, =1.30.0, =1.24.4, =1.49.5 Source cves: CVE-2025-49009 Source advisory: OSV:GHSA-QX7G-FX8Q-545G...

6.2CVSS5.8AI score0.00145EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/05/05 8:47 p.m.5 views

01os (=0.0.14), 21cmpsdenoiser (>=1.0.0 <=1.0.2) +25918 more potentially affected by CVE-2025-4287 via torch (>=1.0.0 <=2.9.1)

torch PYPI version =1.0.0, =1.0.0, =0.1.0, =1.0.0, =0.1.0, =0.1.0, =0.1.3, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.0.16 - a1facts =0.2.6 and more Source cves: CVE-2025-4287 Source advisory: SNYK:PYTHON-TORCH-10332643...

4.8CVSS5.7AI score0.00155EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.3 views

cbtham-feast-az-provider (=0.2.299), elemeno-ai-sdk (>=0.0.5 <=0.6.11) +26 more potentially affected by CVE-2024-11602 via feast (>=0.14.1 <=0.9.9)

feast PYPI version =0.14.1, =0.0.5, =0.0.1, =0.1.0, =0.1.0, =0.3.0, =0.1.1, =0.1.0, =0.0.2, =1.0.0, =1.0.0, =0.1.0, =0.4.0rc1 - mlops-ods =0.1.202406281646 and more Source cves: CVE-2024-11602 Source advisory: SNYK:PYTHON-FEAST-9510933...

7.4CVSS7AI score0.00283EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/02/13 1:18 p.m.4 views

Malicious code in bprinter (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 60e98383c92d7a5641f3cf793495e55df40673a30bc462affc499d56cdd47e56 Infostealer with multiple possibilities, but not auto-activating on installation. There are already multiple attempts to publish it, with different...

7.2AI score
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/02/11 3:32 p.m.7 views

date-a-scientist (>=0.1.18 <=0.1.19) potentially affected by CVE-2024-12366 via pandasai (=2.3.0)

pandasai PYPI version =2.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on pandasai and may be impacted: - date-a-scientist =0.1.18, =0.1.19 Source cves: CVE-2024-12366 Source advisory: SNYK:PYTHON-PANDASAI-8715593...

9.8CVSS5.8AI score0.01183EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/02/06 6:31 a.m.7 views

ai.ancf.lmos:arc-runner (>=0.1.1 <=0.120.0), ai.bizone:json-transform (>=1.0.0 <=1.16.0) +5216 more potentially affected by CVE-2023-1370 +1 more via net.minidev:json-smart (>=2.5.0 <=2.5.1)

net.minidev:json-smart MAVEN version =2.5.0, =0.1.1, =1.0.0, =0.6.0, =0.5.0, =0.7.0, =3.10.0.5, =0.5.0, =0.1.0, =1.5.3.RELEASE, =1.5.4.RELEASE, =1.5.4.RELEASE, =2.0.0, =1.3.3, =1.4.0 and more Source cves: CVE-2023-1370, CVE-2024-57699 Source advisory: SNYK:JAVA-NETMINIDEV-8689573...

7.5CVSS6.6AI score0.01119EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2024/10/26 9:30 p.m.7 views

1game-texas-holdem (>=1.2.0 <=1.11.1), @1studio/ui (>=1.0.0-beta.1 <=3.9.0) +995 more potentially affected by CVE-2020-26308 via validate.js (>=0.10.0 <=0.13.1)

validate.js NPM version =0.10.0, =1.2.0, =1.0.0-beta.1, =5.0.1, =0.1.0, =1.0.6, =3.3.20, =2.0.0-alpha.1, =0.3.9, =1.3.0, =1.2.1, =0.3.12, =1.3.12, =0.1.1, =0.1.26 and more Source cves: CVE-2020-26308 Source advisory: OSV:GHSA-RV73-9C8W-JP4C...

8.7CVSS5.4AI score0.00493EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2024/10/15 6:30 p.m.7 views

0-1-project (=0.0.1), 0.8.18-p11 (=0.8.18-p12) +60844 more potentially affected by CVE-2024-9506 via vue (>=2.0.0-beta.1 <=2.7.9)

vue NPM version =2.0.0-beta.1, =1.0.0, =0.0.1, =1.0.0, =0.1.0, =1.1.0, =1.2.3 - 11260plugin-plm =0.1.0 and more Source cves: CVE-2024-9506 Source advisory: OSV:GHSA-5J4C-8P2G-V4JX...

3.7CVSS6.6AI score0.00507EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/10/04 6:30 a.m.7 views

ar.com.jmfsg:api-doc (>=0.0.20 <=0.0.34), au.com.dius.pact:au.com.dius.pact.gradle.plugin (>=2.1.1 <=2.1.12) +2259 more potentially affected by CVE-2024-47855 via net.sf.json-lib:json-lib (>=0.7.1 <=2.4)

net.sf.json-lib:json-lib MAVEN version =0.7.1, =0.0.20, =2.1.1, =2.4.2, =2.4.2, =3.5.4-rc.1, =2.4.2, =2.4.2, =3.5.4-rc.1, =2.4.2, =2.4.2, =3.5.4-rc.1, =2.4.2, =2.4.2, =3.5.4-rc.1, =2.4.2, =2.4.20 and more Source cves: CVE-2024-47855 Source advisory: OSV:GHSA-WWCP-26WC-3FXM...

5.3CVSS5.8AI score0.17572EPSS
Exploits0
Rows per page
Query Builder