2048 matches found
Malicious code in @hornetsecurity/angular-pew-pew (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 28e7be23ba9caf66d89c4659d66001871cf1901098bdab6dd4dd8630d476a991 The OpenSSF Package Analysis project identified '@hornetsecurity/angular-pew-pew' @ 1.0.0 npm as malicious. It is considered malicious because: ...
MAL-2025-6890 Malicious code in @hornetsecurity/angular-pew-pew (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 28e7be23ba9caf66d89c4659d66001871cf1901098bdab6dd4dd8630d476a991 The OpenSSF Package Analysis project identified '@hornetsecurity/angular-pew-pew' @ 1.0.0 npm as malicious. It is considered malicious because: ...
Malicious code in aog-lib (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 741266c7bad6d1e60680d0242b4f212454b09ca9647a683b5b314b262760943d The OpenSSF Package Analysis project identified 'aog-lib' @ 2.2.4 npm as malicious. It is considered malicious because: - The package communicat...
Malicious code in coronavirus-calculator (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d30c7b91e8bbf434aa10762bff4148e83d80a714b10456cce7ba248b85021dde The OpenSSF Package Analysis project identified...
Malicious code in solana-spl-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis abc65f4de1b50248d903c79cb67ac016c8da464314e5830c70dbe0a1140503a9 The OpenSSF Package Analysis project identified 'solana-spl-sdk' @ 0.1.1 npm as malicious. It is considered malicious because: - The package...
CVE-2025-24975 Firebird Non-Authorized Access to Encrypted Database Using Execute Statement on External
Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when...
Malicious code in solana-pump-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4f33aa024a9c864923429d861e28123d1aaba539b1e235683189ca285697b572 The OpenSSF Package Analysis project identified 'solana-pump-test' @ 2.5.3 npm as malicious. It is considered malicious because: - The package...
MAL-2025-6881 Malicious code in azure-arm-parameterflattening (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis eb5daaded20e2143b5c1c293f3cacb3b702abaf0a14a1922a7d0ff1a42648cf5 The OpenSSF Package Analysis project identified 'azure-arm-parameterflattening' @ 5.1.2 npm as malicious. It is considered malicious because: -...
Malicious code in azure-arm-parameterflattening (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis eb5daaded20e2143b5c1c293f3cacb3b702abaf0a14a1922a7d0ff1a42648cf5 The OpenSSF Package Analysis project identified 'azure-arm-parameterflattening' @ 5.1.2 npm as malicious. It is considered malicious because: -...
Malicious code in cloudflare-agent-starter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 073c16b7f6f9d6ba8d94458e7efa756a07cfcc78cefbda3ed218097358812980 The OpenSSF Package Analysis project identified 'cloudflare-agent-starter' @ 99.99.99 npm as malicious. It is considered malicious because: - Th...
MAL-2025-6958 Malicious code in statsd-jvm-profiler-dash (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1641c5f88ba5a2747c3768eb890f4e8ec38765b0e706615a116369a1b27e86f8 The OpenSSF Package Analysis project identified...
Malicious code in statsd-jvm-profiler-dash (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1641c5f88ba5a2747c3768eb890f4e8ec38765b0e706615a116369a1b27e86f8 The OpenSSF Package Analysis project identified...
Malicious code in @goes-funky/y42-vscode (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f2e0a98abbd9d80612a2ceffc06aac69b23dd12331094d9588992d8789631cf4 The OpenSSF Package Analysis project identified...
MAL-2025-6902 Malicious code in @goes-funky/y42-vscode (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f2e0a98abbd9d80612a2ceffc06aac69b23dd12331094d9588992d8789631cf4 The OpenSSF Package Analysis project identified...
Malicious code in responsive-dashboard (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4afdda2858edbdcc921f3ba82cbd2e348994eb5d31b6a87f4487dd774ee554f7 The OpenSSF Package Analysis project identified 'responsive-dashboard' @ 2.0.0 npm as malicious. It is considered malicious because: - The packa...
MAL-2025-6876 Malicious code in responsive-dashboard (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4afdda2858edbdcc921f3ba82cbd2e348994eb5d31b6a87f4487dd774ee554f7 The OpenSSF Package Analysis project identified 'responsive-dashboard' @ 2.0.0 npm as malicious. It is considered malicious because: - The packa...
Malicious code in wf-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f5d0387a0af7cf2983c45745f58fdce63df887bdfc8d5a401425e53ebd586199 The OpenSSF Package Analysis project identified 'wf-logger' @ 2.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2025-6877 Malicious code in wf-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f5d0387a0af7cf2983c45745f58fdce63df887bdfc8d5a401425e53ebd586199 The OpenSSF Package Analysis project identified 'wf-logger' @ 2.0.0 npm as malicious. It is considered malicious because: - The package...
MAL-2025-6874 Malicious code in geospatial-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 74393d640797f18f4e110cfb20f3f2be681c867e2383cfa386f78a3fad2065f8 The OpenSSF Package Analysis project identified 'geospatial-example' @ 2.0.0 npm as malicious. It is considered malicious because: - The package...
Malicious code in geospatial-example (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 74393d640797f18f4e110cfb20f3f2be681c867e2383cfa386f78a3fad2065f8 The OpenSSF Package Analysis project identified 'geospatial-example' @ 2.0.0 npm as malicious. It is considered malicious because: - The package...