7333 matches found
MAL-2025-65608 Malicious code in tiara-tomat23-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3bdc7837f3d3a684ee6b72cbde5299415b9e1f688c06691bed889c91a64c4670 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in surya-brongkos86-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e2534ecd6569e82a0915872924bc73c1b611e6736a0ad5c94f4c45c5bdd34b9d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-61906 Malicious code in arif-botok72-sluey (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e6e90fef25cc884cdaa488caedffef5f13decbc104098a5af40e5e3666e0855 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
KLA90062 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A security feature bypass vulnerability in GitHub Copilot and Visual Studio...
MAL-2025-60899 Malicious code in multiple_marmoset_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 899f8e891ccedbee6d5559c011a67f63255a24a1d92a94418dde481cedcceedc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in parliamentary_bobcat_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 178631fbf4363e7ccc073a5d60f59e03d8f9ccaa910d703d940a363818c572b7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in female_pony_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8d5c63b8c0a03c0aeca26524dbe95230bf0221e371732b016c8e3c1a5f8d00f8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-55354 Malicious code in bella-botok63-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bcc7c423a5737258942d86c1b88aa0f0242fd803daaa16dbdaf5dbc1688489f1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in fair_wildfowl_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e46a7ac0ee4db074a247a5976d00b134a0300c66bf30c3244a9bfd937717e503 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in ogi-keripik1-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e63196ab1a721693910ca4acfeee1f7104676de3a7b493949da8d3742a11ec0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-59376 Malicious code in wandering_cobra_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7725b833e9bbc4cce72ad274c6ab49611f60713070a366f50c9445d71ef7cfb1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in agus-telur33-sukiwir (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 908157e62994369a2eebc9e6be1ef583bf2762dbdca47bff2035392325f5e652 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Moderate: Red Hat Security Advisory: Red Hat Developer Hub 1.8.0 release.
Red Hat Developer Hub 1.8.0 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...
CVE-2025-12155 Command Injection in Looker
A Command Injection vulnerability, resulting from improper file path sanitization Directory Traversal in Looker allows an attacker with Developer permission to execute arbitrary shell commands when a user is deleted on the host system. Looker-hosted and Self-hosted were found to be vulnerable. Th...
Malicious code in qori-bakwan94-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfdf9cfcd74cd3fe6421457f3a0cbd3733636e82a0aef97764f627317462efdc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-54117 Malicious code in patria-kacang82-ruro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc50fc7cbbd187e227beae59cdb3994e8f37e441f82c013f224a27ed9e0afdb8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-54090 Malicious code in oktafian-telur63-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35122975f1549bde23d98820c8c09450a58c7dd7e216319fa07690d6505aa31b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-53137 Malicious code in kresna-rangginang100-devapp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec8d5eb16c57658f39b8942a122f5bc8511ef9f03abfc8a9898fe25b587289ae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in gita-nasisayur38-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a492550863a563bbd801188f0a1ffa31969ecccad3dbe366d5092986d2591d6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-51925 Malicious code in galih-getas87-ruro (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90927df9d05d864de2327de4433a29ad4e0a0c172acaad3e782cd4fc1fd8e763 The package galih-getas87-ruro was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flooded...