17801 matches found
EUVD-2025-112218
Malicious code in javascript-websockets-neptune-janus npm...
EUVD-2025-112219
Malicious code in javascript-umbriel-kronos-native npm...
EUVD-2025-112216
Malicious code in javascript-zenobia-procyon-orbit npm...
Malicious code in cassini-uglify-js-terser-webpack-plugin-request (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21ce09785669244e7591203f571d73f65427bc99ebccda71d751eb0a498be0e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-113034
Malicious code in grunt-vega-deneb-uglify-js npm...
EUVD-2025-113719
Malicious code in express-superagent-javascript-hapi npm...
EUVD-2025-114155
Malicious code in elektra-webdriver-mocha-xanadu-javascript npm...
EUVD-2025-115756
Malicious code in callisto-redis-miranda-uglify-js npm...
MAL-2025-146135 Malicious code in phenomic-javascript-remark-csv (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 315149a5727b357bfa3b12aeac62126a15734f48ad61a49ce8b7ce4875619e01 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-120524
Malicious code in webpack-public-uglify-js-atlas npm...
EUVD-2025-123773
Malicious code in phoebe-dactyl-hydra-uglify-js npm...
EUVD-2025-123224
Malicious code in protractor-sagitta-xenos-javascript npm...
EUVD-2025-123016
Malicious code in quantum-karma-eslint-plugin-javascript npm...
KLA90262 Multiple vulnerabilities in Mozilla Thunderbird ESR
Multiple vulnerabilities were found in Mozilla Thunderbird ESR. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, spoof user interface. Below is a complete list of vulnerabilities: 1. Use-after-free vulnerability in...
KLA90004 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. Incorrect boundary conditions...
thunderbird: firefox: Some non-writable Object properties could be modified
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: There was a way to change the value of JavaScript Object properties that were supposed to be non-writeable...
PT-2025-45064
Name of the Vulnerable Software and Affected Versions expr-eval versions prior to 3.0.0 expr-eval-fork versions prior to 3.0.0 Description The expr-eval library, a JavaScript expression parser and evaluator, is susceptible to remote code execution RCE. This issue stems from inadequate input...
CVE-2025-27208
A reflected Cross-Site Scripting XSS vulnerability has been identified in Revive Adserver version 5.5.2. An attacker could trick a user with access to the user interface of a Revive Adserver instance into clicking on a specifically crafted URL and execute injected JavaScript code in the context o...
MAL-2025-48980 Malicious code in airbnb-opentracing-javascript (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fb6e111a14bd58c590e23784b48c4857ce72456a2fd0e20175152e13d93b0863 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in airbnb-opentracing-javascript (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fb6e111a14bd58c590e23784b48c4857ce72456a2fd0e20175152e13d93b0863 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...