Lucene search
+L

698 matches found

osv
osv
added 2026/06/11 7:25 a.m.27 views

MAL-2026-5614 Malicious code in janus-erc20 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 728f3d5af5a999be016a49283fff2c5cedc0c5df445d2f078f1f9817dde22334 On npm install, postinstall.js harvests installer secrets and POSTs them to 193.203.169.109:8443/c/janus-erc20 over HTTPS with TLS verification...

5.4AI score
Exploits0References2
ossf
ossf
added 2026/06/11 2:53 a.m.17 views

Malicious code in janus-flow (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d33c10c068a69d14d0333b93de7745caffd62013c57de6c55f20a6b53ffdcb1 On npm install, the package's postinstall hook node postinstall.js 2/dev/null || true silently runs a credential harvester against the installer...

5.4AI score
Exploits0References2
ptsecurity
ptsecurity
added 2026/05/29 12:0 a.m.20 views

PT-2026-44990

Name of the Vulnerable Software and Affected Versions FreeSWITCH versions prior to 1.11.0 Description The bundled XML parser in FreeSWITCH expands nested declarations without a depth or count bound. This allows a small Document Type Definition DTD to describe a body that expands exponentially, a...

7.5CVSS5.5AI score0.00343EPSS
Exploits0References3
redhatcve
redhatcve
added 2026/01/09 9:53 a.m.13 views

CVE-2020-10574

An issue was discovered in Janus through 0.9.1. janus.c tries to use a string that doesn't actually exist during a "querylogger" Admin API request, because of a typo in the JSON validation...

9.8CVSS6.7AI score0.01231EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 9:52 a.m.8 views

CVE-2020-10575

An issue was discovered in Janus through 0.9.1. plugins/janusvideocall.c in the VideoCall plugin mishandles session management because a race condition causes some references to be freed too early or too many times...

4.2CVSS6.8AI score0.00466EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/09 9:50 a.m.12 views

CVE-2020-10573

An issue was discovered in Janus through 0.9.1. janusaudiobridge.c has a double mutex unlock when listing private rooms in AudioBridge...

7.5CVSS6.8AI score0.00839EPSS
Exploits0References1
snyk
snyk
added 2025/12/19 8:36 a.m.3 views

Malicious Package

Overview usage-tracker-janus is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
ossf
ossf
added 2025/12/19 8:36 a.m.7 views

Malicious code in usage-tracker-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8998ae7ec51b23bfdefe724e7c4bc34ad623362708f171a1c3ffcf4e98be15e0 The package usage-tracker-janus was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References1
euvd
euvd
added 2025/12/19 8:36 a.m.4 views

EUVD-2025-204508

Malicious code in usage-tracker-janus npm...

6.6AI score
Exploits0References1
osv
osv
added 2025/12/19 8:36 a.m.3 views

MAL-2025-192644 Malicious code in usage-tracker-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8998ae7ec51b23bfdefe724e7c4bc34ad623362708f171a1c3ffcf4e98be15e0 The package usage-tracker-janus was found to contain malicious code. Source: ghsa-malware...

6.8AI score
Exploits0References1
euvd
euvd
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-178307

Malicious code in janus-mysql-delphinus-convict npm...

6.6AI score
Exploits0
euvd
euvd
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-178309

Malicious code in janus-greatfilter-cosmiconfig-ursa npm...

6.6AI score
Exploits0
euvd
euvd
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-180168

Malicious code in axios-mineralogy-pyxis-janus npm...

6.6AI score
Exploits0
euvd
euvd
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-176285

Malicious code in solis-promise-janus-aurora npm...

6.6AI score
Exploits0
euvd
euvd
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-177960

Malicious code in markdown-cors-janus-dotenv-parse-variables npm...

6.6AI score
Exploits0
euvd
euvd
added 2025/11/13 3:23 a.m.4 views

EUVD-2025-179552

Malicious code in cosmiconfig-gatsby-janus-slides npm...

6.6AI score
Exploits0
euvd
euvd
added 2025/11/13 3:23 a.m.3 views

EUVD-2025-179614

Malicious code in concurrently-hawkingradiation-tailwindcss-janus npm...

6.6AI score
Exploits0
euvd
euvd
added 2025/11/13 3:23 a.m.5 views

EUVD-2025-176482

Malicious code in scripts-yaml-janus-gacrux npm...

6.6AI score
Exploits0
ossf
ossf
added 2025/11/13 3:23 a.m.5 views

Malicious code in ganymede-publish-development-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 978c79b7d18ea06f986d6e2fb7985646d5a51af15f00263077e92558383d6c22 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
ossf
ossf
added 2025/11/13 3:23 a.m.8 views

Malicious code in soap-commitizen-markdown-janus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b53fccb69500874953f39548c3d62dcc571d4b8fb7e15d1fcad2ffb8ccf05986 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder