59081 matches found
EUVD-2025-113286
Malicious code in ganymede-uglify-js-quark-dotenv npm...
MAL-2025-145155 Malicious code in mongoose-javascript-cosmiconfig-mongoose (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0460219f1419054f30e265dadd5b11cfe5e7dd6e47ccaa607a01958dc356c40 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-148877 Malicious code in uglify-js-pegasus-proxima-superagent (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9f0f16606331574b494cba2d3bb53773f1cc5c2e3d2a7e3f0c08d9f8320b23b7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-143876 Malicious code in javascript-await-upgrade-venus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14592802e63f3973ef3ffea2ec15e4d1dd4b08a23406db7faf7b24ee39c3e473 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-120065
Malicious code in zenobia-javascript-transport-acamar npm...
EUVD-2025-112671
Malicious code in hydra-eslint-config-nodejs-triton npm...
Malicious code in vuetify-postcss-loader-mongodb-less (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c1901883a12e5906a3aa40a43f8816c93e38fefb894c40b8271a376d5bb6d12d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in parcel-scorpius-mdx-umbriel (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3bc7a21c4963dc60ce68de9cc69056a821e1b943c03d0a1cda2e6c27e06d667d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-112526
Malicious code in ini-draco-frontend-quark npm...
MAL-2025-149501 Malicious code in winston-javascript-fork-pino (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c31d8ef523f64895d99cdf3b37549e07b7ff03de07b73488c2b778f8569fd1ab This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-148880 Malicious code in uglify-js-quito-ursa-fomalhaut (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aaadc495679e60a19ec8445196bd4b7acb163dfea8b86c1a624c45ecead0fef3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-142946 Malicious code in global-phoebe-hermes-mira (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b5b9cf8f68fe78b8401aafb88d4aaf8ce51f84264f6b6d3ad78a28340871c9b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
npm-serialize-javascript: Cross-site Scripting (XSS) in serialize-javascript
A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by...
thunderbird: firefox: Some non-writable Object properties could be modified
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...
thunderbird: firefox: Some non-writable Object properties could be modified
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...
thunderbird: firefox: Some non-writable Object properties could be modified
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...
thunderbird: firefox: Some non-writable Object properties could be modified
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...
thunderbird: firefox: Some non-writable Object properties could be modified
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...
thunderbird: firefox: Some non-writable Object properties could be modified
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...
thunderbird: firefox: Some non-writable Object properties could be modified
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...