7425 matches found
Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in axios-1.8.3.tgz
Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in axios-1.8.3.tgz Vulnerability Details CVEID:CVE-2025-58754 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. When Axios prior to versions 0.30.2 and 1.12.0 runs on Node.j...
MAL-2025-117077 Malicious code in sinta-otak-otak94-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9f73386fc7c35fc34451aa593f18f63a6802f996f034cf7bc6c2d0294353177 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-116955 Malicious code in sari-ketan35-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd2c7e6f59859d0c5a0823ff4d18b2951d35943dd55ace5c0764a752317fb0f7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-117625 Malicious code in umi-kembang10-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1c514fc2f373dc77576cb5d12168b51c055631c3785c8fee0117f0877d372ed6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in yuni-mendut36-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bc94fb93ac46c4361ab83157795d0e4e35d290cfda99992e91741e5797218686 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in patria-bakso27-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7475451a1b135c53573b7dba8b839262e20ae0940f77cbbabb27058e5e3a1d39 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-114881 Malicious code in irma-moci5-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 11c9377c748ca0b62bb44eafd3077484ef112aeb9e2affada816a6b9a4a3575c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-113866 Malicious code in fajar-mieaceh35-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00da7d5f35e19df4eb83c643d899ff8c9ec5f12ab2efb8d277ff155aa6d941e7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-117247 Malicious code in sunny_ostrich_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 905d8c46b7c30d53906d2c584ad7f5ecb7e5e70b9299f0db566ae4715e5410bd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-114778 Malicious code in indah-peyek82-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c776eba72a951378779a82c0e01313b610e4790347e68e37919adb9f01cecdc3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-117677 Malicious code in unexpected_dingo_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 83fe663c57a8d5879a23405c715eb9de759272cbcefc1204b421775224c85918 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-117798 Malicious code in vera-rangginang39-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3b459eff662eae359f4c790f799d7f138946e08a42b0155679d132075abe6ee3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-117716 Malicious code in utomo-jamblang17-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1dc700ff90f6365a319d1d8ea0935afe57fd5b0f07c536ea19bcb22f2557b359 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in putri-kue93-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4224edff97aae510af51e8e7b025dde29b9752fb701ecab3278fa7d65909474c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CVE-2025-12155
A Command Injection vulnerability, resulting from improper file path sanitization Directory Traversal in Looker allows an attacker with Developer permission to execute arbitrary shell commands when a user is deleted on the host system. Looker-hosted and Self-hosted were found to be vulnerable. Th...
Malicious code in key_albatross_orange-14 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d268671cec5e80ea66cf5a1827f8ecb2eb829ecd76db8d634c71ff286e1f1e30 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in qnnkan-devapp (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 84fba9cd6e1f1fb39237b9e93728fd33c0a5c50f3ba8843bb7f8635ffa02f00c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in expensive_roundworm-gooddev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e40d4dd59ce6497e1ae95a347a9cfa40f8e9767ef3e36cf87cfec7f6b1d877a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in marxist_sturgeon-smiletea (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5744873204580592871c4fe41b504defe00fbc009c7cda54cd08c3b52fa0f210 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in quickest_woodpecker-excellentdev (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1f592df82d9c0671aead367d26cc922ace2f2719654c3f1d233355473111e0f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...