CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2024/12/27 12:0 a.m.•5 views

PT-2024-36829 · Tcpdf +2 · Tcpdf +2

Name of the Vulnerable Software and Affected Versions: tc-lib-pdf-font versions prior to 2.6.4 TCPDF versions prior to 6.8.0 Description: The issue is related to the mishandling of fonts, specifically the misparsing of FontBBox for Type 1 and TrueType fonts. This problem affects the management of...

7.5CVSS6.8AI score0.01325EPSS

Exploits3References31

OSV•added 2024/12/23 8:45 a.m.•1 views

MAL-2024-12103 Malicious code in ing-lib-lease-calculator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e175e014684f4b2ec9792475691d5f3742f09c6258903491f2aae10f4d252120 The OpenSSF Package Analysis project identified 'ing-lib-lease-calculator' @ 1.1.0 npm as malicious. It is considered malicious because: - The...

5.8AI score

OSV•added 2024/12/22 6:32 a.m.•4 views

MAL-2024-12096 Malicious code in lib-wallet-store (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 61a0b7fe2eb9c6236a827159916053db6e8ceb5fd8aec76e15eb7c2711d95d73 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2024/12/22 6:32 a.m.•1 views

Malicious code in lib-wallet-store (npm)

6.8AI score

OSV•added 2024/12/19 11:24 a.m.•5 views

MAL-2024-11968 Malicious code in dhp-http-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4e3bd8d790ed5b426b7b312480732dc8343670572c60141f63f9a0d7df7b8efe Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2024/12/19 11:24 a.m.•2 views

Malicious code in dhp-http-lib (npm)

6.9AI score

OSSF Malicious Packages•added 2024/12/19 10:46 a.m.•2 views

Malicious code in bitcoinjs-lib-v6 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d413653ebb15cdf1e00c6e1053b21b33afb6324cfa26b1b20f93f6bc1e9ac19b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

OSV•added 2024/12/19 10:46 a.m.•4 views

MAL-2024-11944 Malicious code in bitcoinjs-lib-v6 (npm)

OSV•added 2024/12/18 12:48 p.m.•7 views

MAL-2024-12178 Malicious code in @dz-lib/dz-cli (npm)

This package has a preinstall script to download an execute a Go-variant of the Cobalt Strike beacon. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ec9421e5d1892420fe8194f8361f8c856ef3b31d6996e2554d840fc850e59a1e Any computer that has this package installed or...

7.1AI score

Tenable Nessus•added 2024/12/13 12:0 a.m.•12 views

CBL Mariner 2.0 Security Update: kernel (CVE-2024-50205)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50205 advisory. - In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: Avoid division by ze...

5.5CVSS6AI score0.00229EPSS

Exploits0References2

OSSF Malicious Packages•added 2024/12/11 10:0 a.m.•2 views

Malicious code in lib-jitsi-meet-sample (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0247e3f2877ee9dba4689c00ae13db004afaea694957dfb979bf3cfbd1ef9e31 The OpenSSF Package Analysis project identified 'lib-jitsi-meet-sample' @ 1.0.0 npm as malicious. It is considered malicious because: - The...

7.2AI score

OSV•added 2024/12/11 10:0 a.m.•11 views

MAL-2025-846 Malicious code in lib-jitsi-meet-sample (npm)

7.4AI score

OSSF Malicious Packages•added 2024/12/09 11:35 p.m.•3 views

Malicious code in tokenize-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4bf2139d8e0c1fd0cc2a5999a43ea8e49dce3b4cfdc1945fab3c8f5160851e1e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2024/12/09 11:35 p.m.•2 views

MAL-2024-12158 Malicious code in tokenize-lib (npm)

7.2AI score

OSSF Malicious Packages•added 2024/12/09 10:11 a.m.•4 views

Malicious code in dhp-logging-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware def2cfdcf7555dce8bc6545670a20f1748d6588683a817bc7d922f42c8e9cd43 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score

OSV•added 2024/12/09 10:11 a.m.•8 views

MAL-2024-11769 Malicious code in dhp-logging-lib (npm)

OSV•added 2024/12/09 6:50 a.m.•6 views

MAL-2024-11625 Malicious code in lib-defender (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score