Lucene search
K

478 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added last week11 views

Malicious code in evm-typechain (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a78b4d04410e295cbe340c95e6800a0777717d46ce136f0c30b5593d1bd9738 On require, index.js issues an HTTPS GET to https://www.jsonkeeper.com/b/PC5CK, passes the returned JSON cookie field to new Function'require',..., a...

6.7AI score
Exploits0References2
OSV
OSV
added last week8 views

MAL-2026-6932 Malicious code in evm-typechain (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a78b4d04410e295cbe340c95e6800a0777717d46ce136f0c30b5593d1bd9738 On require, index.js issues an HTTPS GET to https://www.jsonkeeper.com/b/PC5CK, passes the returned JSON cookie field to new Function'require',..., a...

6.5AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/07/07 5:55 a.m.3 views

kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr

In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...

5.8AI score0.00168EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: ti: j721e-evm: Fixed a refcount leak in j721esocprobe. where ofparsephandle returns a node pointer with a refcount incremented. We should use ofnodeput on it when it is no longer needed. Added ofnodeput to avoid the refcoun...

5.5CVSS6.2AI score0.00245EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: ima: Fixed a potential integer overflow in imaappraisemeasurement. When the ima-modsig option is enabled, the value passed to evmverifyxattr may be negative, which could lead to an integer overflow issue...

5.5CVSS6.1AI score0.00252EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: ARM: davinci: da850evm: Avoid NULL pointer dereferencing In newer versions of GCC, a panic occurs in da850evmconfigemac when booting multiv5defconfig in QEMU under the palmetto-bmc machine. The issue arises from attempting to...

5.5CVSS6.3AI score0.00229EPSS
Exploits0References1
Snyk
Snyk
added 2026/05/14 3:49 p.m.16 views

Malicious Package

Overview evm-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/14 3:49 p.m.11 views

Malicious code in evm-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6a7489773ccf098f6a3fd266658caa0ef6b48978619a9786e69b43db94758c7e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/14 3:49 p.m.5 views

MAL-2026-3726 Malicious code in evm-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6a7489773ccf098f6a3fd266658caa0ef6b48978619a9786e69b43db94758c7e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/15 10:5 p.m.11 views

Malicious code in chai-as-evm (npm)

chai-as-evm is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/FAWPU and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

5.7AI score
Exploits0References1
OSV
OSV
added 2026/04/15 10:5 p.m.7 views

MAL-2026-2889 Malicious code in chai-as-evm (npm)

chai-as-evm is a malicious npm package that when imported downloads a C2 dropper from https://jsonkeeper.com/b/FAWPU and executes it similar to malware in to chai-await-test. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...

5.7AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/03/11 2:53 p.m.30 views

Cosmos EVM: incorrect state handling during nested EVM execution paths

Advisory ID: ASA-2026-002 Component: ICS20 Precompile Status: Resolved Published: March 2026 Contact: [email protected] --- Security Advisory ASA-2026-002 Status: Resolved. A patch is available and all known affected chains have either applied mitigations or upgraded. | Field | Value | | ---...

6AI score
Exploits0References3Affected Software1
OSV
OSV
added 2026/03/11 2:53 p.m.2 views

GHSA-54GX-3CGR-7MFM Cosmos EVM: incorrect state handling during nested EVM execution paths

Advisory ID: ASA-2026-002 Component: ICS20 Precompile Status: Resolved Published: March 2026 Contact: [email protected] --- Security Advisory ASA-2026-002 Status: Resolved. A patch is available and all known affected chains have either applied mitigations or upgraded. | Field | Value | | ---...

9.3CVSS6AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2026/02/06 8:59 p.m.9 views

`uniswap-utils` was removed from crates.io for malicious code

It depended on the evm-units crate, which appeared to be attempting to steal cryptocurrency...

5.3AI score
Exploits0References3Affected Software1
OSV
OSV
added 2026/02/06 8:59 p.m.4 views

GHSA-X468-PHR8-H3P3 `uniswap-utils` was removed from crates.io for malicious code

It depended on the evm-units crate, which appeared to be attempting to steal cryptocurrency...

5.4AI score
Exploits0References2
OSV
OSV
added 2026/02/06 8:55 p.m.3 views

GHSA-6662-54XR-8423 `evm-units` was removed from crates.io for malicious code

It appeared to be attempting to steal cryptocurrency...

5.4AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/02/06 8:55 p.m.11 views

`evm-units` was removed from crates.io for malicious code

It appeared to be attempting to steal cryptocurrency...

5.3AI score
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002286)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002286 advisory. The evmupdateevmxattr function in security/integrity/evm/evmcrypto.c in the Linux kernel before 3.7.5, when the Extended Verification Module EVM is enabled, allows...

6.2CVSS5.7AI score0.00357EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.5 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002454)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002454 advisory. The evmverifyhmac function in security/integrity/evm/evmmain.c in the Linux kernel before 4.5 does not properly copy data, which makes it easier for local users to...

5.5CVSS6.5AI score0.00442EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.7 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003094)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003094 advisory. The evmverifyhmac function in security/integrity/evm/evmmain.c in the Linux kernel before 4.5 does not properly copy data, which makes it easier for local users to...

5.5CVSS6.5AI score0.00442EPSS
Exploits0References15
Rows per page
Query Builder