6687 matches found
MAL-2026-53 Malicious code in gztensor-cli (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6010189e23e54782200df770b6e40ed7e37284779c25f28cd145aadd9ee8b623 Package clones a legitimate library and adds a hidden code that downloads a malicious script. The script then downloads an archive with malicious executable in...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the NFS automount file system not inheriting the ro, noexec, nodev, and sync flags, which could lead to...
MAL-2026-35 Malicious code in aiihttp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e98bbfaaccc91213e80bb0a09f5081a5701cf01629ac8b82370adbbbc42178b0 Obfuscated code downloads an encrypted binary blob, which is malware finally starting cryptomining. After starting the malware, the Python package uninstall...
Malicious code in aiihttp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e98bbfaaccc91213e80bb0a09f5081a5701cf01629ac8b82370adbbbc42178b0 Obfuscated code downloads an encrypted binary blob, which is malware finally starting cryptomining. After starting the malware, the Python package uninstall...
Malicious code in aoohttp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9d3438b2d065c0535b5ac80ce789201be4f8095642d0f10a20a7da13d46152f8 Obfuscated code downloads an encrypted binary blob, which is malware finally starting cryptomining. After starting the malware, the Python package uninstall...
MAL-2026-37 Malicious code in aoohttp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9d3438b2d065c0535b5ac80ce789201be4f8095642d0f10a20a7da13d46152f8 Obfuscated code downloads an encrypted binary blob, which is malware finally starting cryptomining. After starting the malware, the Python package uninstall...
MAL-2026-38 Malicious code in auohttp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f4b76a407d91e23cb990d6ed08e3c0e81898f2b97d690db76b4e3b547fda5fab Obfuscated code downloads an encrypted binary blob, which is malware finally starting cryptomining. After starting the malware, the Python package uninstall...
Malicious code in auohttp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 f4b76a407d91e23cb990d6ed08e3c0e81898f2b97d690db76b4e3b547fda5fab Obfuscated code downloads an encrypted binary blob, which is malware finally starting cryptomining. After starting the malware, the Python package uninstall...
Malicious code in aiohtto (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9338a4f3f167cf0ba279696ac9ae9bae26219391e2a87a805cc8bb92b4cddd6e Obfuscated code downloads an encrypted binary blob, which is malware finally starting cryptomining. After starting the malware, the Python package uninstall...
MAL-2026-36 Malicious code in aiohtto (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9338a4f3f167cf0ba279696ac9ae9bae26219391e2a87a805cc8bb92b4cddd6e Obfuscated code downloads an encrypted binary blob, which is malware finally starting cryptomining. After starting the malware, the Python package uninstall...
Malicious code in qdatainstaller (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e4ee574ced05e27b63477cb84af816e02ae259c67246f4f31ff63819e7e1048e Package is designed to download and execute a remote script, which then downloads and runs a malicious executable --- Category: MALICIOUS - The campaign has...
MAL-2026-27 Malicious code in qdatainstaller (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e4ee574ced05e27b63477cb84af816e02ae259c67246f4f31ff63819e7e1048e Package is designed to download and execute a remote script, which then downloads and runs a malicious executable --- Category: MALICIOUS - The campaign has...
MAL-2026-26 Malicious code in pdatainstaller (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 671a0098c14338197a26cb64b7f5c35c0e741f3151313fff784bc7a4862ad579 Package is designed to download and execute a remote script, but the script itself seems to be broken missing or wrong URLs. It's most probably a test before...
MAL-2026-6 Malicious code in ziphash (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e9a36a54bad10e0f086740a84fd0a837dd4bf1cc9c3c0707648af4bb3855a03e During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...
CVE-2025-67707
ArcGIS Server versions 11.5 and earlier on Windows and Linux do not sufficiently validate uploaded files, enabling a remote unauthenticated attacker to upload arbitrary files to the server’s designated upload directories. However, the server’s architecture enforces controls that restrict uploaded...
CVE-2025-67706
ArcGIS Server versions 11.5 and earlier on Windows and Linux do not sufficiently validate uploaded files, enabling a remote unauthenticated attacker to upload arbitrary files to the server’s designated upload directories. However, the server’s architecture enforces controls that restrict uploaded...
CVE-2021-47742 Epic Games Psyonix Rocket League <=1.95 Elevation of Privileges via Insecure Permissions
Epic Games Psyonix Rocket League =1.95 contains an insecure permissions vulnerability that allows authenticated users to modify executable files with full access permissions. Attackers can leverage the 'F' Full flag for the 'Authenticated Users' group to change executable files and potentially...
CVE-2021-47742 Epic Games Psyonix Rocket League <=1.95 Elevation of Privileges via Insecure Permissions
Epic Games Psyonix Rocket League =1.95 contains an insecure permissions vulnerability that allows authenticated users to modify executable files with full access permissions. Attackers can leverage the 'F' Full flag for the 'Authenticated Users' group to change executable files and potentially...
CVE-2025-66866
A flaw was found in BinUtils. An attacker can exploit a vulnerability in the dabitags function within the cp-demangle.c file by providing a specially crafted Portable Executable PE file. This can lead to a Denial of Service DoS, making the affected application unavailable to legitimate users...
CVE-2025-66863
A flaw was found in BinUtils. Attackers can exploit this vulnerability by providing a specially crafted Portable Executable PE file. This can lead to a denial of service, making the affected application unavailable. Mitigation To reduce the risk of exploitation, users should avoid processing...