MAL-2025-1217 Malicious code in example-advanced (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fe22841f48a20657900f7b7c76268c6243981bb55e440bc22345c6b8831d42f6 Any computer that has this package installed or running should be considered...

Malicious code in webhook-example-coinbase-commerce-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware caf969b51a297b05f640bf97cc7a17661d904a676086486f87b2d3241a30e431 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in ton-payment-channels-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e9e7497de28b982ff9a30a2d494d34eca9c190bba81a330f16ca8cdf7955e20e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1196 Malicious code in webhook-example-coinbase-commerce-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware caf969b51a297b05f640bf97cc7a17661d904a676086486f87b2d3241a30e431 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in lge-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 50473c9040c0e421b0ed196c99328de623d76a92ca2a5585abbb9e95c71e33c0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in paytm-blink-checkout-vue2-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 385d687658556da26e8a2d0bb6c9e941618705df2a677b38734b42ee715d7c5b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1108 Malicious code in deferred-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38dc68c75cb202e1290f22eb1e64cef5c216402392a2e18f51514c56b50134de Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in deferred-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38dc68c75cb202e1290f22eb1e64cef5c216402392a2e18f51514c56b50134de Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-707 Malicious code in flux-example-chat (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 25c56a7bd2b361d914ee94cd9ec12e8fe10e84358352b4cab6490131e216dbad Any computer that has this package installed or running should be considered...

Malicious code in flux-example-chat (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 25c56a7bd2b361d914ee94cd9ec12e8fe10e84358352b4cab6490131e216dbad Any computer that has this package installed or running should be considered...

MAL-2025-655 Malicious code in example-yarn (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

MAL-2025-654 Malicious code in example-app-node (npm)

The package communicates with a domain associated with malicious activity...

Malicious code in example-app-node (npm)

The package communicates with a domain associated with malicious activity...

Malicious code in example-yarn (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

NEXT-EMP 1.0 Shell Upload Vulnerability

Titles: NEXT-EMP v1.0-Copyright © 2024. All rights reserved. File Upload-FU and Remote Code Execution-RCE Vulnerabilities Author: nu11secur1ty Date: 01/29/2025 Vendor: https://www.mayurik.com/ Software:...

kube-audit-rest's example logging configuration could disclose secret values in the audit log

Impact What kind of vulnerability is it? Who is impacted? If the "full-elastic-stack" example vector configuration was used for a real cluster, the previous values of kubernetes secrets would have been disclosed in the audit messages. Patches Has the problem been patched? What versions should use...

GHSA-HCR5-WV4P-H2G2 kube-audit-rest's example logging configuration could disclose secret values in the audit log

Impact What kind of vulnerability is it? Who is impacted? If the "full-elastic-stack" example vector configuration was used for a real cluster, the previous values of kubernetes secrets would have been disclosed in the audit messages. Patches Has the problem been patched? What versions should use...

DFG JIT Use-After-Free

DFG's doesGC is incorrect about the HasIndexedProperty operation's behavior on StringObjects. This can lead to a use-after-free condition. See also https://bugs.chromium.org/p/project-zero/issues/detail?id=1699 for a similar issue. The DFG JIT compiler attempts to determine whether a DFG IR...

Exploit for Server-Side Request Forgery in Havocframework Havoc

CVE-2024-41570 | Havoc C2 SSRF with RCE | Automated Reverse Sh...

Malicious code in core-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ef412a8312b13b80beb12231488912f1488467e51c76b84f58deacd8e57488c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...