55 matches found
EUVD-2022-3981
Malicious code in bioql PyPI...
EUVD-2024-35339
Malicious code in bioql PyPI...
EUVD-2024-30552
Malicious code in bioql PyPI...
EUVD-2025-12285
Malicious code in bioql PyPI...
EUVD-2022-32269
Malicious code in bioql PyPI...
Malicious code in github-kredz (RubyGems)
Source: ossf-package-analysis 537bf1dc9a46b4e69b596275e61de6d1b75ca3eeb2979bde507688f07458c088 The OpenSSF Package Analysis project identified 'github-kredz' @ 1.0.1.1135.gf4a4623f5 rubygems as malicious. It is considered malicious because...
CVE-2025-54948
A vulnerability in Trend Micro Apex One on-premise management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations...
PT-2025-31926
Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One (affected versions not specified). Description: A vulnerability exists in the Trend Micro Apex One management console that stems from a lack of proper validation of user-supplied strings before they are used to execute system...
PT-2025-31925
Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One on-premise (affected versions not specified). Description: A vulnerability exists in the Trend Micro Apex One on-premise management console that could allow a pre-authenticated remote attacker to upload malicious code and...
CVE-2025-26854
A SQL injection in Articles Good Search extension 1.0.0 - 1.2.4.0011 for Joomla allows attackers to execute arbitrary SQL commands...
MAL-2025-5321 Malicious code in sdk.babelhelpers (npm)
The package communicates with a domain associated with malicious activity. Source: ghsa-malware 2ecc77e86573c3fd986a8fac35d0368893554af91bcf9f31d8e0c2fa342d3890 Any computer that has this package installed or running should be considered...
CVE-2023-28110
Jumpserver is a popular open source bastion host, and Koko is a Jumpserver component that is the Go version of coco, refactoring coco's SSH/SFTP service and Web Terminal service. Prior to version 2.28.8, using illegal tokens to connect to a Kubernetes cluster through Koko can result in the...
CVE-2013-4137
Multiple SQL injection vulnerabilities in StatusNet 1.0 before 1.0.2 and 1.1.0 allow remote attackers to execute arbitrary SQL commands via vectors related to user lists and "a particular tag format."...
CVE-2025-22212
A SQL injection vulnerability in the Convert Forms component versions 1.0.0-1.0.0 - 4.4.9 for Joomla allows attackers authenticated as administrator to execute arbitrary SQL commands in the submission management area in the backend...
MAL-2025-1564 Malicious code in synapse-contracts (npm)
Source: ghsa-malware 2f22e2f65543683192030203ce08eecf0c137c3bc94f711cf9dd5c143dd1bd19 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-1388 Malicious code in zmcrypty (npm)
Source: ossf-package-analysis ee24745300aa11ed0e92813032e7269a17e9c66f73b03ac3e38e6bd613268e1c The OpenSSF Package Analysis project identified 'zmcrypty' @ 66.6.0 npm as malicious. It is considered malicious because: - The package...
MAL-2024-11762 Malicious code in okxweb3 (npm)
Source: ossf-package-analysis fce54676410bc1cff0b9c8068f4b763ec72e75752bc5cb2ba565027d48dcc4fe The OpenSSF Package Analysis project identified 'okxweb3' @ 99.999.999 npm as malicious. It is considered malicious because: - The package...
MAL-2024-11757 Malicious code in dexter123 (npm)
Source: ghsa-malware 92153d5ec8ca742a1abda5dd5a05def8deace56614101ebb7f38980a9583769a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11230 Malicious code in testing-bounty123 (npm)
Source: ghsa-malware 3baf10e9fd106ea680be856387e7922e4a863a1eaf02c4fab1aaff60e537dfbd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-9025 Malicious code in textannoviz (npm)
Source: ossf-package-analysis d112629d453ff55ba22ba56e98536f241a9ed17883c1bd52e57da76c41a8f131 The OpenSSF Package Analysis project identified 'textannoviz' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...