MAL-2024-10880 Malicious code in maven-dependency-submission-action (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1381f1caf30bbc11135c6f4ffc6634a4cdeaaa63627d583675758c564c38c804 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-10817 Malicious code in take3-hello-world (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c3ab74f2bd476e91c4d2e0d1cd29fa80dfb82df59eb0d48c4fd32e6fec28ef39 The OpenSSF Package Analysis project identified 'take3-hello-world' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2024-7644 Malicious code in sap-authitem (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f6bddbe556bea51802eadeaf835c5a115dc0c681418d7a5a3fce19689b32aa2a The OpenSSF Package Analysis project identified 'sap-authitem' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2024-7570 Malicious code in sap-assign (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3e112087f561ca61a642cf1a40c5cc1e7dbed013d9b068897a47af54b8b6c653 The OpenSSF Package Analysis project identified 'sap-assign' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2024-7512 Malicious code in sap-adminpass (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6cb3a6c9207dbd171426502a8980c0c182bcd9c5150388ffe4689447f011376a The OpenSSF Package Analysis project identified 'sap-adminpass' @ 0.0.0 npm as malicious. It is considered malicious because: - The package...

MAL-2024-1590 Malicious code in ing-feat-lu-luxtrust-smartcard-authentication (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e101f8c803c8ca5e2fddab02abc82d9de8ce89fd23fb6f52bc2fd31a73c0fa01 The OpenSSF Package Analysis project identified 'ing-feat-lu-luxtrust-smartcard-authentication' @ 200.0.1 npm as malicious. It is considered...

MAL-2023-8763 Malicious code in enchantv (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f578b605e73b68aae8c1d8a9bd3f55b810839b2bccd720bccc7f887c2e0046c8 Packages either test the malicious behaviour, or actually download and run a simple remote script during the installation. --- Category: PROBABLYPENTEST -...

MAL-2023-1469 Malicious code in flowtorch (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6c2c3f2d7423991d07fec2693f59f64eaa2f3a3d0122fbf6f05e19a6d2a40871 The OpenSSF Package Analysis project identified 'flowtorch' @ 9.2.2 npm as malicious. It is considered malicious because: - The package...

MAL-2023-1255 Malicious code in nwa-uikit-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 90a7d076b934f9928aa5301f8d62f0218fd96a1f59a26102659ee688114d764a The OpenSSF Package Analysis project identified 'nwa-uikit-web' @ 1.0.2 npm as malicious. It is considered malicious because: - The package...

CVE-2020-5350

Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 contain a command injection vulnerability in the ACM component. A remote authenticated malicious user with root privileges could inject parameters in the ACM component APIs that could lead to manipulation of passwords...