MAL-2026-4543 Malicious code in customerdigital-ui-containers-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a314a5b253dcb30b2781bda216266b7ab1b49b62eec416bd9be07b48ab46a348 On npm install, postinstall.js collects git identity, OS user/uid, hostname, internal network interface addresses, Cloudflare Pages environment...

Malicious code in neural-compressor-jax (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bb1f58a45ef1a06954d1807517faea8790a771906e95a98d571587558244ea3f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2025-191851 Malicious code in r-irkernel (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0d34dbf9f927fd7d2e9b1b97bf72e0063bbccd6f536a9c2e9e40c2f9371abd8e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

LB-LINK多款产品 访问控制错误漏洞

LB-LINK BL-AC1900 and others are products of China Bilink LB-LINK.LB-LINK BL-AC1900 is a wireless router.LB-LINK BL-AC3600 is a dual-band Gigabit wireless router that supports both 2.4GHz and 5GHz bands and is suitable for home and small office networks.LB-LINK AC2100AZ3 is a router. An access...

Malicious code in mkdocs-with-pdfs (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6097342dec4553b4c3b0e2ad2292043de6f2579863ffadd9088c4a058c9a6026 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2023-8582 Malicious code in pyminor (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx f4b65ae360c6ccb0733894c0d6db59f44827dad1169ff36141aa391ef89f51a0 Malicious packages campaign targeting developers, payload is hidden using Steganography, exfiltrate host information...

RUSTSEC-2023-0103 `postgress` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the malicious user amaperf and contained a malware payload in build.rs to exfiltrate host information to the attacker. This advisory is to retrospectively document this attempted attack. The version information and download recor...

Important: Red Hat Bug Fix Advisory: Satellite 6.7.2 Async Bug Fix Update

Updated Satellite 6.7 packages that fix several bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other clien...

CVE-2016-9384

Xen 4.7 allows local guest OS users to obtain sensitive host information by loading a 32-bit ELF symbol table...

CVE-2016-9384

Xen 4.7 allows local guest OS users to obtain sensitive host information by loading a 32-bit ELF symbol table...

backorifice-info NSE Script

Connects to a BackOrifice service and gathers information about the host and the BackOrifice service itself. The extracted host information includes basic system setup, list of running processes, network resources and shares. Information about the service includes enabled port redirections,...

phpsysinfo-xss.txt

HSC PHPSysInfo Index.php Cross Site Scripting PhpSysInfo is a PHP script that displays information about the host being accessed. An attacker may leverage this issue to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may help the...