1360 matches found
MAL-2025-190682 Malicious code in @trigo/atrix-redis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51a9ee65fa4e448ca6d2c3b832232b73b5a2137ad1a4f7cf30bcce00497e5263 The package @trigo/atrix-redis was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190687 Malicious code in @trigo/keycloak-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87c444dc1ce66be4f196ec79b9db852b3c8c3bcf029738b61e4471c034c96fe0 The package @trigo/keycloak-api was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190674 Malicious code in @posthog/rrweb-snapshot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e09f740a4b99a55a685452aa412d77942e67c0de95136282343012196ed7bf41 The package @posthog/rrweb-snapshot was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190675 Malicious code in @posthog/rrweb-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de65400909e7dab680997106feffcc22e5a954f60fe775e82db28e5529bacb0c The package @posthog/rrweb-utils was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190696 Malicious code in ethereum-ens (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 874848c97832c07d7093bf8c59c73549a0f9b8c2ecffeab4d33a5c3fbcfb6a4a The package ethereum-ens was found to contain malicious code. Source: ghsa-malware 08b4862efdbd7fabbe626b338824bea3a86cdb7a190c176ab6ddc665f9ecf080 A...
MAL-2025-190703 Malicious code in zapier-platform-cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91585e373be96645e987946f96de5673a2cae4dec8eabdba368acad43399eb55 The package zapier-platform-cli was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190653 Malicious code in @asyncapi/cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45b13eec1644f2d38922b7e61732a64ae6ee0d71810232ff15c95a3290de465d The package @asyncapi/cli was found to contain malicious code. Source: ghsa-malware 99e5bdb2a7d429f7e01403c432963826b244c3bed02a5a877ace1307b5fee3ad...
MAL-2025-190651 Malicious code in @alaan/s2s-auth (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e50bdec2a61138175bbd86f2b001903eb76400352b9bef5e55afcd6610fbbafa The package @alaan/s2s-auth was found to contain malicious code. Source: ghsa-malware f48811a0a401773ab205d7ce2a4ce4d1890a0ed23b75a75cd45e5140c702c99...
MAL-2025-190662 Malicious code in @asyncapi/nunjucks-filters (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51137a75fbced2a0515e71df0b97baf386e784c2eb5134c77ed77afdcb48fe34 The package @asyncapi/nunjucks-filters was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190665 Malicious code in @ensdomains/address-encoder (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ec8264ecb2af0b5028f08af1a108f7fe73cd1cbe55ea2cb7102a3e28b2e1052e The package @ensdomains/address-encoder was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190671 Malicious code in @posthog/cli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57662af8290901771cf534d8b1ca05ca88dfd84054580144d934f730549a4653 The package @posthog/cli was found to contain malicious code. Source: ghsa-malware e663c40b9060088ff86ea24eec083b9b5bf8afdec2e1963895e47e5177a673d1 A...
MAL-2025-190637 Malicious code in @asyncapi/generator-react-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7b0dadd48783af136a9dcf3f65cf9f24675841f02c7d1a5b6dc60709b392bf98 The package @asyncapi/generator-react-sdk was found to contain malicious code. Source: ghsa-malware...
MAL-2025-190644 Malicious code in @posthog/ai (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a9a022b20b3025cb0846139ab6f2a1308025ed8ee902db18aacbfa95c6ea7e6 The package @posthog/ai was found to contain malicious code. Source: ghsa-malware 1e6a08419969270cca059f804bb3ec25aa0427f00ef555a9409c12d50921a83c An...
MAL-2025-190648 Malicious code in @zapier/zapier-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d39a04949d436340c422fef75a4dab8c20b487218e69e62cdcd198bddbe9ee0e The package @zapier/zapier-sdk was found to contain malicious code. Source: ghsa-malware...
MAL-2025-191306 Malicious code in @quick-start-soft/quick-markdown-print (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 49e82ae5f39d0c568ce2ebb23ff053c97eba1c0bb306b946c3fefc4c0680b526 The package @quick-start-soft/quick-markdown-print was found to contain malicious code. Source: ghsa-malware...
CVE-2025-62794
GitHub Workflow Updater is a VS Code extension that automatically pins GitHub Actions to specific commits for enhanced security. Before 0.0.7, any provided Github token would be stored in plaintext in the editor configuration as json on disk, rather than through the more secure "securestorage" ap...
EUVD-2025-36570
GitHub Workflow Updater is a VS Code extension that automatically pins GitHub Actions to specific commits for enhanced security. Before 0.0.7, any provided Github token would be stored in plaintext in the editor configuration as json on disk, rather than through the more secure "securestorage" ap...
nuclei_poc
This repository is an offensive tool for Nuclei POCs. It is a Python script that clones GitHub repositories, extracts Nuclei POCs, and organizes them into categorized folders. The script runs automatically every day using GitHub Actions. The primary vulnerability class targeted by this tool is no...
EUVD-2024-3251
Malicious code in bioql PyPI...
EUVD-2022-2409
Malicious code in bioql PyPI...