Malicious code in marshmellows (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 92a41b4a9b9f5733eae9cfa5ca9c6802d52d803a1835820ee5098f58419fc18e Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...

Malicious code in ritch (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bc0d5c6c0c3175de2d5def02fe422574cfee5f7fe3a88f894de7122aa9dcf588 Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...

Malicious code in oraceldb (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 723248915f1acb6de7c5bed00d0d554ced6b8cd6359d79436c8ab02f49f18360 Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...

Malicious code in pydantics (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 dda36b358c57e79abf804d53d4750cf2836f930b07aa524c0b5c4d231d92143f Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...

Malicious code in pandaai (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 df1ebe5561b29a204a7e66d7c192f0f6e3814311636ca14cdeffe47b8f812810 Package is a typosquatting or dependency confusion attempt with a low-harm local-only action, like leaving a flag file. --- Category: PROBABLYPENTEST - Package...

EUVD-2025-37425

The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 2.14.16. This is due to the plugin's REST API endpoint accepting arbitrary absolute file paths without proper validation in the...

PT-2024-32172

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to the Linux kernel, where the lwt seg6 related BPF ops can be invoked via bpf test run without entering input action end bpf first. This is because the per-CPU...

php session ID leakage

The outputaddrewritevar function in PHP before 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote attackers to obtain potentially sensitive information by reading the requests for this URL, as demonstrated by a rewritten form containing a loca...

php session ID leakage

The outputaddrewritevar function in PHP before 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which allows remote attackers to obtain potentially sensitive information by reading the requests for this URL, as demonstrated by a rewritten form containing a loca...