1634 matches found
EUVD-2025-36993
An example dag exampledagdecorator had non-validated parameter that allowed the UI user to redirect the example to a malicious server and execute code on worker. This however required that the example dags are enabled in production not default or the example dag code copied to build your own...
CVE-2025-54941 Apache Airflow: Command injection in "example_dag_decorator"
An example dag exampledagdecorator had non-validated parameter that allowed the UI user to redirect the example to a malicious server and execute code on worker. This however required that the example dags are enabled in production not default or the example dag code copied to build your own...
Malicious code in example-icrc35-shared-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e7e6839f13b54dc75f2b851ec1c1e78a9bbf4591f438a2053c99658e5f60189 The package example-icrc35-shared-library was found to contain malicious code. Source: ossf-package-analysis...
EUVD-2025-36967
Malicious code in example-icrc35-shared-library npm...
MAL-2025-49096 Malicious code in example-icrc35-shared-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4e7e6839f13b54dc75f2b851ec1c1e78a9bbf4591f438a2053c99658e5f60189 The package example-icrc35-shared-library was found to contain malicious code. Source: ossf-package-analysis...
Malicious Package
Overview jfrog-npm-actions-example is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
EUVD-2025-36828
Malicious code in jfrog-npm-actions-example npm...
EUVD-2025-36832
Malicious code in ts-migrate-example npm...
Malicious code in ts-migrate-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 13c089f283eddbfd2554393c29fc93368e75a6329803352ed0175155f436915f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview ts-migrate-example is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2025-49055 Malicious code in ts-migrate-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 13c089f283eddbfd2554393c29fc93368e75a6329803352ed0175155f436915f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in json-schema-to-typescript-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 148a68690ce752d3b4d67269d4cdd05066913f5abbc344c7f7bf9ac550af794b The package json-schema-to-typescript-example was found to contain malicious code. Source: ossf-package-analysis...
MAL-2025-49246 Malicious code in json-schema-to-typescript-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 148a68690ce752d3b4d67269d4cdd05066913f5abbc344c7f7bf9ac550af794b The package json-schema-to-typescript-example was found to contain malicious code. Source: ossf-package-analysis...
PT-2025-44367
Name of the Vulnerable Software and Affected Versions Apache Airflow versions prior to 3.0.5 Description A parameter in the example dag decorator dag was not properly validated, potentially allowing a user of the Airflow UI to redirect the example to a malicious server and execute code on a worke...
Malicious code in example-ssr (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-48841 Malicious code in example-ssr (npm)
--- -= Per source details. Do not edit below this line.=-...
GHSA-H5FG-JPGR-RV9C Vert.x-Web Access Control Flaw in StaticHandler’s Hidden File Protection for Files Under Hidden Directories
Description There is a flaw in the hidden file protection feature of Vert.x Web’s StaticHandler when setIncludeHiddenfalse is configured. In the current implementation, only files whose final path segment i.e., the file name begins with a dot . are treated as “hidden” and are blocked from being...
CVE-2022-50568
CVE-2022-50568 affects the Linux kernel USB gadget code for f_hidg. The embedded struct cdev’s lifetime was not tied to the enclosing f_hidg, creating a use-after-free if /dev/hidgN is kept open while the gadget is deleted. The fix is to pull the existing device into struct f_hidg and use the cde...
EUVD-2020-13447
Malware in sbrugna...
EUVD-2019-2036
Malware in sbrugna...