Lucene search
K

436 matches found

vulnersOsv
vulnersOsv
added 2026/06/03 9:39 p.m.7 views

browserstack-tape-runner (>=1.0.0 <=3.0.0), duplo (>=1.6.11 <=1.9.1) +4 more potentially affected by CVE-2026-49143 via browserstack-runner (>=0.2.1 <=0.9.4)

browserstack-runner NPM version =0.2.1, =1.0.0, =1.6.11, =0.1.4, =0.1.1, =2.0.2 - run-browserstack-tests =1.0.2 - yasmf-localization =0.0.2 Source cves: CVE-2026-49143 Source advisory: OSV:GHSA-6VR3-7WCX-V5G5...

8.8CVSS5.4AI score0.00392EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Grunt

Path traversal in the GitHub repository gruntjs/grunt before version 1.5.2...

7.1CVSS6.7AI score0.00571EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Grunt

The file.copy operations in GruntJS are vulnerable to a TOCTOU race condition, which can lead to arbitrary file writes in the GitHub repository gruntjs/grunt before version 1.5.3. This vulnerability allows for arbitrary file writes that can lead to local privilege escalation to the GruntJS user...

7.8CVSS7AI score0.00299EPSS
Exploits1References1
Snyk
Snyk
added 2026/03/06 7:14 a.m.6 views

Malicious Package

Overview ig-grunt-file-list is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
Snyk
Snyk
added 2026/03/06 7:14 a.m.5 views

Malicious Package

Overview ig-grunt-release is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.4AI score
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/11/26 10:9 p.m.7 views

grunt-willitmerge (>=0.2.0 <=1.0.0) potentially affected by CVE-2025-66219 via willitmerge (=0.1.2)

willitmerge NPM version =0.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on willitmerge and may be impacted: - grunt-willitmerge =0.2.0, =1.0.0 Source cves: CVE-2025-66219 Source advisory: SNYK:JS-WILLITMERGE-14135971...

9.8CVSS5.8AI score0.02413EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2025/11/26 10:9 p.m.6 views

grunt-willitmerge (>=0.2.0 <=1.0.0) potentially affected by CVE-2025-66219 via willitmerge (=0.1.2)

willitmerge NPM version =0.1.2 is affected by a known vulnerability. The following packages have a transitive dependency on willitmerge and may be impacted: - grunt-willitmerge =0.2.0, =1.0.0 Source cves: CVE-2025-66219 Source advisory: OSV:GHSA-J9WJ-M24M-7JJ6...

9.8CVSS5.8AI score0.02413EPSS
Exploits1
EUVD
EUVD
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-178643

Malicious code in grunt-bellatrix-less-sirius npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in impulse-holography-grunt-sequelize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c9c28c8183009a08a11188523afcf95bf4a90b317d6e72e29db3fb3800beef2b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-175562

Malicious code in wezen-mutation-ora-grunt npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-180033

Malicious code in blazar-pegasus-quark-grunt npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in protractor-neptunology-less-grunt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f99a560aedc45e4f26911ef2f432de2beb6f35bacf82bea94cedc3949128db3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-178437

Malicious code in impulse-holography-grunt-sequelize npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-179517

Malicious code in cosmos-yonder-grunt-nashira npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.7 views

EUVD-2025-178642

Malicious code in grunt-ursa-cosmochemistry-xenobiology npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-179639

Malicious code in commitizen-radioastronomy-steganography-grunt npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.6 views

EUVD-2025-178061

Malicious code in lithosphere-changelog-grunt-uglify-js npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-178980

Malicious code in exoplanet-boson-readable-grunt npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.9 views

Malicious code in spectron-grunt-auth-europa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6cbd342d4b73f3ab91a46f07b5ec0f8fb7ea8893422949f32cb9b9cae1c1dc1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-176267

Malicious code in spectron-grunt-auth-europa npm...

6.6AI score
Exploits0
Rows per page
Query Builder