150700 matches found
Astra Linux - уязвимость в ffmpeg
There is a heap-based Buffer Overflow vulnerability in FFmpeg 4.2, located in libavfilter/vfcolorconstancy.c, specifically in the slicegetderivative function within fadegetderivative. This vulnerability may lead to memory corruption and other potential issues...
ca.islandora.alpaca:islandora-alpaca-app (>=2.0.0 <=2.2.0), ca.islandora.alpaca:islandora-connector-derivative (>=2.0.0 <=2.2.0) +82 more potentially affected by CVE-2026-40860 via org.apache.camel:camel-jms (>=3.0.0-M1 <=4.14.6)
org.apache.camel:camel-jms MAVEN version =3.0.0-M1, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =3.0.0, =0.46, =0.3, =0.5, =0.1, =0.1, =1.0, =4.3.7.hyte-4307a, =4.3.7.hyte-4307a, =hyte-mq-4.3.7.hyte-43072 and more Source cves: CVE-2026-40860 Source advisory: SNYK:JAVA-ORGAPACHECAMEL-16321536...
@conglomerate/weaver (>=2.1.1 <=2.6.1), @derivative/derive (>=0.1.0 <=0.1.1) +10 more potentially affected by CVE-2025-69263 via pnpm (>=0.21.0 <=10.18.3)
pnpm NPM version =0.21.0, =2.1.1, =0.1.0, =0.1.0, =3.7.16, =2.3.0, =0.1.0, =0.2.7, =1.0.4, =1.0.7 Source cves: CVE-2025-69263 Source advisory: OSV:GHSA-7VHP-VF5G-R2FW...
Malicious code in tachyon-mesosphere-spinner-pm2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c0199d4ad6da5ed57f1010cac95dc16558ece4d84ae6e6c6fb857dc52e6c6370 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in web-route-final-nu-route (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a5c7be5f1d5e20af05a8a41845cf88aa11d49fe80adadaa957e21395a29b1a4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in jwt-ursa-apollo-fornax (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b147dcd87db56bc5a5d09342b9ed22ecc8341125e96639fec4258dca2c485025 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in exoplanetology-link-commitlint-prosthetics (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bfcec8783f7472850817c3503803a35451836d28a4f9dfdb5f2a6cddf295c61 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in daemon-function-throw-file-dog (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c5a73e261a4f17a185bcca6a3ab3abc503be436cc2631043966eea2b64c29a97 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in farout-quark-joviology-nodejs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c230aeb0dbc961504d4d49ed9821e3c3a573289a1d57329fe4e15a004318974b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in vuetify-greatfilter-terser-dysonswarm (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5584b28a5c8bf2d3e596254b7bc342240b88e3d2b09ddf72fbce2ee6d922d906 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in docusaurus-mdx-ionosphere-fermiparadox (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26631d15ade64fb563253b7b5ed0e60a649adbece8aa582a4b8871615e46b3fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in areology-polaris-gatsby-phoebe (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b703fe4c7e4dcddf7c314d7abd66fa38950215c0f1ce19c252e7a5a8c1ca487 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in quito-rocket-radiant-middleware (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb1027d85e5f5fe77252e470808dec33a66a0131fb5706d9c2bdc7aef3e9a7b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in xanthus-dotenv-safe-markdownlint-xerxes (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65059d3c138e66e932e624190cf09688f2f69178722bd6940b7cd7ebdb558347 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in encrypt-meta-authenticate-log-string (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d7b652ac77988fd5095d31173051f104a9282bb6428032f99261ebbee04f6289 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in gatsby-upgrade-aldebaran-antares (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73c001ab99214b4662862b263eac30593a78748adb121c5de870d37a660239fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in speleology-pipe-pino-puppeteer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc12667834e75d07b49fcd90c909c4159cb87514b0d23ee6ae4ae93afb1756b7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in ursa-process-query-metabolomics (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d9eb276d7c42a3eb8d32f6a4fd0ec8a87d3a091523a686fbe495218f0f56f05 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in authenticate-scale-analyze-book-scale (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d038c7d079b519f31ce6b09657db6765d1d0007fe0b8bd295d08d7806e81e80a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in figures-middleware-proxima-jabbah (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4cbf4552596ae5fa6dd65d248b8c6308deae5517bbecc016d04d16fde823a4e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...