117 matches found
Fedora 42 : composer (2026-13b4dbe546)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-13b4dbe546 advisory. Version 2.9.3 - 2025-12-30 Security: Fixed ANSI sequence injection GHSA-59pp-r3rg-353g / CVE-2025-67746 Fixed COMPOSERNOSECURITYBLOCKING env var not being...
Malicious code in blobhunter-depconf-poc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 6bbf9ae244466116ca709955328b8ae27867658e636ac521004edd501b38d4ef Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in accesspdp (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 11c8d523da4caf20e4a8a37285ab51a94173b2270777bb074878fdec62dee115 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-192946 Malicious code in crpto (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8d63e95f77927edecca2696ce60ea5c069170b051adc651f425a42b2f27f384c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-192930 Malicious code in pxdbench (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d0668ec9c7f4535009661c430bc932c09667a7d31aa3f8912a09c65afc21f529 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in raft-dask (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 030a53a896f5df53ae7114349ea26d0d00d132929f557c6b16ce9e2cdb217a0d Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in qt-main (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 bd1f92a69928dc8fa2a6a50cfd596c34802bc68fc28dd5dd8508fc24344bbec9 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-191717 Malicious code in dev-server-python (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 77df2294feff074b86c685e622e69901b80eb16fdbf60eb785a026318d84788e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-191812 Malicious code in peptest (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1230d903d5782f1a6d2d779ada368260f2c32d9e4f74bfd3ddd8f4df9c570572 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in minemeld-core (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 dfe7b8c00b3748b3fe38ffdf3bd69558abb58091ee3347d47003929976ceb457 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-191937 Malicious code in xsltproc (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9038d06e907a027d385f7ef9111815ca61e7b26fce85196a549c20e02447adc4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-191895 Malicious code in testpurpleteaming (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e4cc49d59c07354a2817163d4e569b1f6d2e6cf17c5c7fb0135bc5feebdfea4e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in klsosdoids2 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d72d2891383419bc38738c4c3be786e31a5000e46d5b3064bacf11561ad69af8 Package simulates malicious activity during installation and has no other purpose --- Category: PROBABLYPENTEST - Packages looking like typical pentest package...
Malicious code in huzzleup (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 96519e802e0761cc6f22ffc2dde7aee04fc6806f5831c1e98c15512792a3cd1d Package simulates malicious activity during installation and has no other purpose --- Category: PROBABLYPENTEST - Packages looking like typical pentest package...
MAL-2025-191744 Malicious code in gradio-videotimeline (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4c60699afd7e95b0d638703849ef060a53327d2aa47f98909ced4e7327ffea3c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
gosec
This is a Go AST Abstract Syntax Tree scanner for identifying security vulnerabilities in Go code. The scanner is called "gosec" and is part of the GolangCI project. It can be installed using the command "go get github.com/golangci/gosec/cmd/gosec/...". The scanner can be configured to run a subs...
MAL-2025-191809 Malicious code in packed-w3shi (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 3d670904891ef361ef283e3f218f21b6e3758847277e8bccb0dbecd08b08971a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in supersafereverse (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 278b176bded4d8a1ad0e2e56a576804e4ed53fa2797fde701bc752bbe68379ab Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2025-191910 Malicious code in treeherder-submitter (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 62f372bfa72908a63c289d80e0133c9e6a34732dc8e051ba7be3be89ecc01383 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Tiny MoxieManager 安全漏洞
Tiny MoxieManager is an application from Tiny Inc. NET for managing all media files in PHP and . A security vulnerability exists in Tiny MoxieManager versions prior to 4.0.0 that stems from a remote code execution that can occur in the install command and allow an unauthenticated attacker to inje...