Lucene search
K

716 matches found

OSV
OSV
added 2018/08/29 11:56 p.m.26 views

GHSA-3WXQ-7R8M-QPMG ffmepg is malware

The ffmepg package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security concern ...

7.5CVSS7.6AI score0.01177EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2018/08/29 11:50 p.m.24 views

node-opencv is malware

The node-opencv package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security...

7.5CVSS7.3AI score0.01123EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/08/29 11:50 p.m.14 views

GHSA-4X37-5RH2-HP8C node-opencv is malware

The node-opencv package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security...

7.5CVSS7.6AI score0.01123EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2018/08/29 11:45 p.m.26 views

openssl.js is malware

The openssl.js package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security...

7.5CVSS7.3AI score0.01177EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/08/29 11:45 p.m.11 views

GHSA-22GQ-X6PG-752J openssl.js is malware

The openssl.js package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security...

7.5CVSS7.6AI score0.01177EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2018/08/29 11:43 p.m.47 views

nodemailer.js is malware

The nodemailer.js package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security...

7.5CVSS7.3AI score0.01177EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/08/29 11:43 p.m.16 views

GHSA-J866-8VXX-27HX nodemailer.js is malware

The nodemailer.js package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security...

7.5CVSS7.6AI score0.01177EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2018/08/29 11:40 p.m.22 views

nodemailer-js is malware

The nodemailer-js package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security...

7.5CVSS7.3AI score0.01123EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2018/08/29 11:38 p.m.19 views

nodecaffe is malware

The nodecaffe package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security conce...

7.5CVSS7.3AI score0.01177EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2018/08/29 11:36 p.m.20 views

nodeffmpeg is malware

The nodeffmpeg package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security...

7.5CVSS7.3AI score0.01177EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/08/29 11:36 p.m.16 views

GHSA-WQH4-27CC-J8F2 nodeffmpeg is malware

The nodeffmpeg package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security...

7.5CVSS7.6AI score0.01177EPSS
Exploits0References3
OSV
OSV
added 2018/08/29 11:20 p.m.20 views

GHSA-VV6Q-9CFW-4C83 smb is malware

The smb package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security concern is...

7.5CVSS7.6AI score0.01123EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2018/08/29 11:19 p.m.21 views

Hijacked Environment Variables in proxy.js

The proxy.js package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security concer...

7.5CVSS5AI score0.01123EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/08/29 11:19 p.m.19 views

GHSA-QJ73-V688-WQXF Hijacked Environment Variables in proxy.js

The proxy.js package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security concer...

7.5CVSS7.6AI score0.01123EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2018/08/29 11:16 p.m.31 views

http-proxy.js is malware

The http-proxy.js package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security...

7.5CVSS7.3AI score0.01177EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/08/29 11:16 p.m.15 views

GHSA-4G54-95XV-F353 http-proxy.js is malware

The http-proxy.js package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security...

7.5CVSS7.6AI score0.01177EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2018/08/27 7:7 p.m.22 views

Shadowsock is malware

The shadowsock package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation As this package is malware, if you find it installed in your environment, the real security...

7.5CVSS7.3AI score0.01123EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2018/08/06 8:12 p.m.22 views

cofee-script is malware

The cofee-script package is a piece of malware that steals sensitive data such as a user's private SSH key and bash history, sending them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation If you have found cofee-script installed in your...

7.5CVSS7.3AI score0.01177EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2018/08/06 8:12 p.m.17 views

GHSA-C9RJ-PGXV-84JC cofee-script is malware

The cofee-script package is a piece of malware that steals sensitive data such as a user's private SSH key and bash history, sending them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation If you have found cofee-script installed in your...

7.5CVSS7.6AI score0.01177EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2018/08/06 8:6 p.m.35 views

coffe-script is malware

The coffe-script package is a piece of malware that steals sensitive data such as a user's private SSH key and bash history, sending them to attacker controlled locations. All versions have been unpublished from the npm registry. Recommendation If you have found coffe-script installed in your...

7.5CVSS7.3AI score0.01123EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder