Malicious code in lunasec (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 52ffe1d0846a694f3b7e75d9064515e2cb7a42074ea0b54d8077d5bdb0cf3993 Any computer that has this package installed or running should be considered...

MAL-2025-5991 Malicious code in lunasec (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 52ffe1d0846a694f3b7e75d9064515e2cb7a42074ea0b54d8077d5bdb0cf3993 Any computer that has this package installed or running should be considered...

Malicious code in lunasec-sdks (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 30db7cb288f3beca8f5d1a2fea732e95b2d3c3e391211e7efd835f0cd960e2f9 Any computer that has this package installed or running should be considered...

MAL-2025-5705 Malicious code in lunasec-sdks (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 30db7cb288f3beca8f5d1a2fea732e95b2d3c3e391211e7efd835f0cd960e2f9 Any computer that has this package installed or running should be considered...

MAL-2025-2887 Malicious code in lunasec-go-monorepo (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in lunasec-go-monorepo (npm)

--- -= Per source details. Do not edit below this line.=-...

Spring4Shell-POC - Dockerized Spring4Shell (CVE-2022-22965) PoC Application And Exploit

This is a dockerized application that is vulnerable to the Spring4Shell vulnerability CVE-2022-22965. Full Java source for the war is provided and modifiable, the war will get re-built whenever the docker image is built. The built WAR will then be loaded by Tomcat. There is nothing special about...

Exploit for Code Injection in Vmware Spring_Framework

Spring4ShellCVE-2022-22965 Spring Framework RCE via Data Bi...

Critical vulnerability in log4j may affect generated PEAR projects

Impact UIMA PEAR projects that have been generated with the de.averbis.textanalysis:pear-archetype version 2.0.0 have a maven dependency with scope test to log4j 2.8.2 and might be affected by CVE-2021-44228. Patches - The issue has been resolved in de.averbis.textanalysis:pear-archetype version...

Exploit for Expression Language Injection in Apache Log4J

CVE-2021-45046-Info Oh no another one POC $ctx:apive...

Zero Day in Ubiquitous Apache Log4j Tool Under Active Attack

An excruciating, easily exploited flaw in the ubiquitous Java logging library Apache Log4j could allow unauthenticated remote code execution RCE and complete server takeover — and it’s being exploited in the wild. The flaw first turned up on sites that cater to users of the world’s favorite game,...