Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/12 4:47 p.m.2 views

Malicious code in nudela-gagagaafh0afhf-gafsafoai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 33516ad4a113964856f6c06a665cbe2e246314ec3c4b12d251a54fb95ad87161 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/12 4:29 a.m.2 views

Malicious code in got-release-it-nodemon-callisto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2424016c8ee5e47eacbc475dc2f28d025a81a82cbae0be1a60689f3d65c1ba49 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/11 10:56 p.m.2 views

Malicious code in eka-rangi27-sluey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0dc55ce91f6aa152c0bf5f194ab237109277e4823daf5fefa327846d2b46ef6f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
RedhatCVE
RedhatCVEadded 2025/09/04 11:33 a.m.2 views

CVE-2025-52550

E3 Site Supervisor Control firmware version 2.31F01 firmware upgrade packages are unsigned. An attacker can forge malicious firmware upgrade packages. An attacker with admin access to the application services can install a malicious firmware upgrade...

8.6CVSS6.8AI score0.00063EPSS
Exploits0References1
NVD
NVDadded 2023/12/12 1:15 a.m.13 views

CVE-2023-36650

A missing integrity check in the update system in ProLion CryptoSpike 3.0.15P2 allows attackers to execute OS commands as the root Linux user on the host system via forged update packages...

7.2CVSS0.00061EPSS
Exploits1References1
Microsoft CVE
Microsoft CVEadded 2021/06/04 7:0 a.m.4 views

A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha.

...

5.5CVSS7AI score0.00177EPSS
Exploits0
The Hacker News
The Hacker Newsadded 2020/03/24 8:6 p.m.79 views

Critical RCE Bug Affects Millions of OpenWrt-based Network Devices

A cybersecurity researcher today disclosed technical details and proof-of-concept of a critical remote code execution vulnerability affecting OpenWrt, a widely used Linux-based operating system for routers, residential gateways, and other embedded devices that route network traffic. Tracked as...

8.1CVSS0.6AI score0.00323EPSS
Exploits3
Rows per page
Query Builder