Lucene search
K

29748 matches found

OSV
OSV
added 2025/09/18 4:34 a.m.3 views

MAL-2025-47450 Malicious code in hello-shai (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 297f2a57d1c225e18d8464c2024daef4567955be0eb8cd8d45052aa778fb4f3a This package was compromised by the Shai-Hulud NPM worm. The malicious payload steals tokens and credentials and publishes them to GitHub...

7AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/18 4:34 a.m.11 views

Malicious code in hello-shai (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 297f2a57d1c225e18d8464c2024daef4567955be0eb8cd8d45052aa778fb4f3a This package was compromised by the Shai-Hulud NPM worm. The malicious payload steals tokens and credentials and publishes them to GitHub...

7AI score
Exploits0References5
Chainguard
Chainguard
added 2025/09/18 1:35 a.m.3 views

GHSA-X7HR-W5R2-H6WG vulnerabilities

Vulnerabilities for packages: kibana, opensearch-dashboards-fips, opensearch-dashboards...

5.8AI score
Exploits0
Circl
Circl
added 2025/09/17 9:2 p.m.5 views

CVE-2025-55912

creationtimestamp| type| source ---|---|--- 2025-09-17 21:02:32+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lz2qay4iex25 2025-09-18 07:08:47+00:00| seen| https://bsky.app/profile/securitycipher.bsky.social/post/3lz3s55r7pt2j 2025-09-18 18:43:15+00:00| seen|...

7.3CVSS5.8AI score0.01448EPSS
Exploits4References3
OSV
OSV
added 2025/09/17 5:3 p.m.2 views

GO-2025-3961 Podman Creates Temporary File with Insecure Permissions in github.com/containers/podman

Podman Creates Temporary File with Insecure Permissions in github.com/containers/podman...

7.4CVSS7AI score0.00596EPSS
Exploits0References4
OSV
OSV
added 2025/09/17 5:3 p.m.5 views

GO-2025-3938 Coder vulnerable to privilege escalation could lead to a cross workspace compromise in github.com/coder/coder

Coder vulnerable to privilege escalation could lead to a cross workspace compromise in github.com/coder/coder...

8.1CVSS7AI score0.00349EPSS
Exploits1References8
OSV
OSV
added 2025/09/17 5:3 p.m.43 views

GO-2025-3950 Mattermost Missing Authorization vulnerability in github.com/mattermost/mattermost-server

Mattermost Missing Authorization vulnerability in github.com/mattermost/mattermost-server. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability...

6.5CVSS6.9AI score0.00242EPSS
Exploits0References3
OSV
OSV
added 2025/09/17 5:3 p.m.2 views

GO-2025-3940 Atlantis Exposes Service Version Publicly on /status API Endpoint in github.com/runatlantis/atlantis

Atlantis Exposes Service Version Publicly on /status API Endpoint in github.com/runatlantis/atlantis...

7.5CVSS7AI score0.00426EPSS
Exploits1References1
OSV
OSV
added 2025/09/17 5:58 a.m.4 views

MAL-2025-47422 Malicious code in devextreme-rpk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f74fc68752b93858b4cd802b0c1c9c940779258a08c206b0787ebf5b94bc9738 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/17 5:58 a.m.2 views

Malicious code in @strong-energetic/test-banned-file (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security beb2182dad9121d8cdfbd98f321d90cd62cda75f2c4ef68f1a5e22608808dc91 This package was compromised by the Shai-Hulud NPM worm. The malicious payload steals tokens and credentials and publishes them to GitHub...

7AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/17 5:58 a.m.4 views

Malicious code in devextreme-rpk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f74fc68752b93858b4cd802b0c1c9c940779258a08c206b0787ebf5b94bc9738 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References6
OSV
OSV
added 2025/09/17 5:58 a.m.2 views

MAL-2025-47420 Malicious code in @basic-ui-components-stc/basic-ui-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0c7cc4b06e4071b6e4613358e926ea521ee3acb2223670ed3783c57abb5c0567 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References6
OSV
OSV
added 2025/09/17 5:58 a.m.2 views

MAL-2025-47421 Malicious code in @strong-energetic/test-banned-file (npm)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security beb2182dad9121d8cdfbd98f321d90cd62cda75f2c4ef68f1a5e22608808dc91 This package was compromised by the Shai-Hulud NPM worm. The malicious payload steals tokens and credentials and publishes them to GitHub...

7AI score
Exploits0References5
OSV
OSV
added 2025/09/16 10:9 p.m.4 views

MAL-2025-47293 Malicious code in ace-colorpicker-rpk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 426138ee95f77b41d1c00a47edab8b076d8fef24aeddcacb76c601e67fea7312 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 10:9 p.m.5 views

Malicious code in @ui-ux-gang/devextreme-rpk (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fc643d20a812778984d46636db2ea2e7e08c97ca2710b212c0b07a023461df59 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References6
Circl
Circl
added 2025/09/16 8:55 p.m.4 views

CVE-2024-3378

creationtimestamp| type| source ---|---|--- 2025-09-16 20:55:49+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-3378.yaml 2025-09-17 21:02:43+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lz2qaznlls25...

6.1CVSS4.2AI score0.22002EPSS
Exploits4References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 5:5 p.m.4 views

Malicious code in @operato/popup (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 211d1a1f6ff1362c33afe9e1d91ae471476a624a0bc79a2ef3a1a74d7fc4189d Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 5:5 p.m.2 views

Malicious code in create-hest-app (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a4f8a7c74b24a78d61a35d81d643117f524f843b425f34d281012f7ab8632868 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 5:5 p.m.4 views

Malicious code in mstate-react (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 997c10662d47fa55ca8cd4db612274bf4d589c7d82d079b48fae3261bb5c65a7 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References6
OSV
OSV
added 2025/09/16 5:5 p.m.3 views

MAL-2025-47416 Malicious code in voip-callkit (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a734b4465eca2576dd3250f97ed37e8537b32d73d0b45adc3bca41bdd52c633c Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References6
Rows per page
Query Builder