Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2048 matches found

OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/10/23 5:9 a.m.2 views

Malicious code in sling-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 71488d197d0f61aaf0b4572ea62c47f0735db314374038355cbdf5735e7ca1b1 The OpenSSF Package Analysis project identified 'sling-sdk' @ 9.8.0 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/10/22 1:55 p.m.2 views

Malicious code in youreallydontwantthispackage2131 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8bca93b1825c930118e85cc054305e6aef120080f8cc68233467eb6ee7b3ff1d Installing the package attempts to exfiltrate GCP tokens. As it uses a random names and/or targets specific accounts, it's most probably a pentest. --- Categor...

7.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/10/21 1:55 a.m.2 views

Malicious code in mybasicauth (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9f167c8091f34ef534b8a4fd6d46f2f09c2a268673734c1a7cf37a1ab4218153 The OpenSSF Package Analysis project identified 'mybasicauth' @ 1.0.13 npm as malicious. It is considered malicious because: - The package...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/10/18 4:57 p.m.3 views

Malicious code in projetmobile (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 71d8a1d00b53e4f04ce0ad77ebfbbb389dd8a22bc6b9a388f22335cf649501ba The OpenSSF Package Analysis project identified 'projetmobile' @ 2.0.0 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/10/18 2:37 p.m.2 views

Malicious code in emburse (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a7f9320f062955ad648d35fec70489fe435e61acd5645c8b8dc6faf8e0c99ede The OpenSSF Package Analysis project identified 'emburse' @ 1.0.2 npm as malicious. It is considered malicious because: - The package communicat...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/10/16 2:48 p.m.2 views

Malicious code in ts-calling-test-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0db756d26a3007b10201297415dfaa2cf6315b37f9ef0b88fa32feac6aaf42bd The OpenSSF Package Analysis project identified 'ts-calling-test-app' @ 1.999.0 npm as malicious. It is considered malicious because: - The...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/10/16 1:21 p.m.1 views

Malicious code in symphony-scatterplot (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e726ee689acd8462ec021757c373dfd8f62595dc76ea919971bdf13659a2d913 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/10/16 12:41 p.m.3 views

Malicious code in config-conventional (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9db287fbaa3f09a3e8e30d18616b161cbc82f46c0867a4f8638067c82846d154 The OpenSSF Package Analysis project identified 'config-conventional' @ 20.1.1 npm as malicious. It is considered malicious because: - The packa...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/10/16 12:35 p.m.1 views

Malicious code in bnppf-font-icons (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7a5f2ac07d2b638b2c5e858c36b6c48bcecc7c2bc4c51b99f419f06c2cd5c7c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/10/16 12:28 p.m.1 views

Malicious code in agora-rtc-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bed49b7fcfa2244aaa6560e20fdf121f7551e8856e6e43f34eb8be1f4a998cc7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/10/16 8:31 a.m.3 views

Malicious code in ship_sleepnpm-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0d905e8d8a59735aa152acc4b84fb4eb05ddcd266fc54da26ef4c38d1f86d443 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/10/15 2:56 p.m.2 views

Malicious code in @coyo/ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 986db3d3f9403677037ca5dfa1eb6cbe730fa4d3686adb30602be2c8f5747e6e The OpenSSF Package Analysis project identified '@coyo/ui' @ 2.2.3 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/10/15 12:3 p.m.2 views

Malicious code in viajemos (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1eaa4f7f65afd8ce40ebdcb66c5d40f5a10adf26157fb493c4628b2c5940d843 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/10/14 12:40 p.m.2 views

Malicious code in eslint-plugin-rossum (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 35e31ca4335b37c9acf1cc537c185f8c152911f991e75e3b8b248348d7f42e0a The OpenSSF Package Analysis project identified 'eslint-plugin-rossum' @ 7.7.7 npm as malicious. It is considered malicious because: - The packa...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/10/11 5:41 p.m.2 views

Malicious code in rei-browser-shim (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ffe49e96d371fc539149fcb75a89d544ef18735fa7563a7c5aa1d05d1d4650db The OpenSSF Package Analysis project identified 'rei-browser-shim' @ 100.99.99 npm as malicious. It is considered malicious because: - The packa...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/10/10 8:29 a.m.2 views

Malicious code in manoj-app-css-alt (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0c88dab3b32782f38a2c1b962d842f1c4c52400df0c5622d73f4989ebc8381f6 The OpenSSF Package Analysis project identified 'manoj-app-css-alt' @ 9.1.1 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/10/09 1:17 p.m.2 views

Malicious code in extrafee (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 47b8fc5fe34861f3bc946919d0be2e616339384dd0ef276e64c0c9c891cc3002 The OpenSSF Package Analysis project identified 'extrafee' @ 99.0.0 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/10/08 8:30 a.m.3 views

Malicious code in @fdp-tools/helm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis bef4a02ea616732eda209303ce418b0fbf07d43995a8ac48bada7b7967f78819 The OpenSSF Package Analysis project identified '@fdp-tools/helm' @ 0.1.11 npm as malicious. It is considered malicious because: - The package...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/10/08 8:30 a.m.2 views

Malicious code in @fdp-tools/eslint-formatter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 5159c12014f3592f859dffa0d8c21b7f183b426a36d2de61f052cfa79fc5e809 The OpenSSF Package Analysis project identified '@fdp-tools/eslint-formatter' @ 0.0.14 npm as malicious. It is considered malicious because: - T...

7.1AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2024/10/08 8:30 a.m.3 views

Malicious code in @fdp-tools/artifactory (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7d1bc272c51a6ad1997aaaa84623c7746d308a5e53386e01c6845e1b849c7ffa The OpenSSF Package Analysis project identified '@fdp-tools/artifactory' @ 0.0.10 npm as malicious. It is considered malicious because: - The...

7.1AI score
Exploits0
Rows per page
Query Builder