MAL-2024-8731 Malicious code in @ep-mobile/icons (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 8898d3fb5c1fead4de584f7a8099d3df0886074a50f328df051524976dda9be2 The OpenSSF Package Analysis project identified '@ep-mobile/icons' @ 99.99.99 npm as malicious. It is considered malicious because: - The packag...

G DATA Total Security Scan Server Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the G DATA...

[SECURITY] Fedora 40 Update: orc-0.4.39-1.fc40

Orc is a library and set of tools for compiling and executing very simple programs that operate on arrays of data. The "language" is a generic assembly language that represents many of the features available in SIMD architectures, including saturated addition and subtraction, and many arithmetic...

MAL-2024-7855 Malicious code in psh-hydra-sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 7e602e73e004aedbd93e2617bee443de236f268346b5b57bd42fcd32669825fd The OpenSSF Package Analysis project identified 'psh-hydra-sdk' @ 1.0.1 npm as malicious. It is considered malicious because: - The package...

MAL-2024-7843 Malicious code in hlwgirl (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 70e129077e409b307127c9a7e24115d3838f7a8748b65fcc22df02cf79af94e7 The OpenSSF Package Analysis project identified 'hlwgirl' @ 1.99.2 npm as malicious. It is considered malicious because: - The package...

MAL-2024-7828 Malicious code in pkl-vscode (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 36b102f69e16083459cf07d2c10dfa74f8921dd7e8eda6686d1ded62b468de73 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in some-random-package-33 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 56e2adbf4dfb01600fc7df2c4a270d862b1b575c7040142ae070c7bf990d671e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in cugraph-dgl (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6c1f145fd51ee7737cb44e28b07d4ec3bfe53f4a8aac51d0b8bce58ef8bd71f7 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

CVE-2024-40550

An arbitrary file upload vulnerability in the component /admin/cmsTemplate/savePlaceMetaData of Public CMS v.4.0.202302.e allows attackers to execute arbitrary code via uploading a crafted file...

Malicious code in atlassian-plugins-jquery (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis fa70e76a995c21512e5537f8ba45c8143816593a98f504f5ac88ad3e752d9eaa The OpenSSF Package Analysis project identified 'atlassian-plugins-jquery' @ 0.0.0-dev npm as malicious. It is considered malicious because: - T...

Malicious code in cx-api-client-lite (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 315d3186e692fd6934de0d66c25255e03eb763a15daa0785e92e58a2abbbba60 The OpenSSF Package Analysis project identified 'cx-api-client-lite' @ 200.0.1 npm as malicious. It is considered malicious because: - The packa...

CVE-2024-40549

PublicCMS v4.0.202302.e is affected by CVE-2024-40549 due to an arbitrary file upload vulnerability in the /admin/cmsTemplate/savePlace component, which can allow an attacker to execute arbitrary code via a crafted file. The CVE is documented across multiple feeds (NVD, Red Hat, CNNVD, OSV, etc.)...

MAL-2024-7675 Malicious code in sap-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 31ff8336288d19b3a88806421ef67e0be46756aa82f7f433de961caf689f9adf The OpenSSF Package Analysis project identified 'sap-app' @ 0.0.0 npm as malicious. It is considered malicious because: - The package communicat...

MAL-2024-7674 Malicious code in sap-ans (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 039a7fc0556d340f2ad4abfec6c8573743803edbe7e104947364c0332716d7c5 The OpenSSF Package Analysis project identified 'sap-ans' @ 0.0.0 npm as malicious. It is considered malicious because: - The package communicat...

MAL-2024-7645 Malicious code in sap-badfiles (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4a9459e9f1bcf3b7c028ace7fe4af0c22616ec0e041f4f784c04288e1e3d4c79 The OpenSSF Package Analysis project identified 'sap-badfiles' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2024-7673 Malicious code in sap-cd (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b129ce991640a28395649d0743d86a38416052a617e290ac3fbe220ab780351c The OpenSSF Package Analysis project identified 'sap-cd' @ 0.0.0 npm as malicious. It is considered malicious because: - The package communicate...

MAL-2024-7630 Malicious code in sap-book (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c68c893f3475a740e060ed6a501dbabd12fc820a89a93ed0cf7931908d737ade The OpenSSF Package Analysis project identified 'sap-book' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

Malicious code in sap-branch (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 851001d10c93ca8e9025db86fdcb56a59789bf1b611ce5e97ec653512d12a997 The OpenSSF Package Analysis project identified 'sap-branch' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2024-7604 Malicious code in sap-banner (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ade7c2f2da6bdc4a6a2747521832eafde3c2e3b4c243f5dfc664acf34b8d0e7c The OpenSSF Package Analysis project identified 'sap-banner' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2024-7600 Malicious code in sap-ban (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f5c6aac6baea6c693c35b46c3c06e00f63a8c369ccf2dda1061322e7056c932f The OpenSSF Package Analysis project identified 'sap-ban' @ 0.0.0 npm as malicious. It is considered malicious because: - The package communicat...