MAL-2025-69258 Malicious code in main-coffee-smelt (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8399e9569f57d1f6e9b8028b704c023bbfb0e549753b5c63a174fcb1b87e849c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-69260 Malicious code in main-fuchsia-lemming (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 291b3394a7972fa6f001e533ee6ed1a22f9a8719f5fa46028be013568e4a33de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in main-olive-grasshopper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f5658bbe8d9f66c130431ca5a7e8dddc5d4eeb4a5fa48889cf325759b36e6f34 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in main-rose-echidna (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96c12b25a27635c108d12ed4d1c57e79034142dd264d29617696882c1ac1669e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in main-gray-boar (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac50ae13c089692a427e9a08e58fc637a1d950bc65765ba51b3913a61d50433b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-53386

Malicious code in main-moccasin-baboon npm...

EUVD-2025-53384

Malicious code in main-rose-echidna npm...

EUVD-2025-58430

Malicious code in mainstingrayz3n npm...

Malicious code in main_stingray_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b896da43a88fbefd5444ee4005b196bdb2098da9280475f5ceba2007d7060a6a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-46469

Malicious code in mainclownfishz3n npm...

Malicious code in main_clownfish_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fefb8ce2375a6a61b04b41d227727cbf1fcaeace5ecee1ec600984e0601c28a3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

[SECURITY] Fedora 43 Update: python-cloudpickle-3.1.2-1.fc43

cloudpickle makes it possible to serialize Python constructs not supported by the default pickle module from the Python standard library. cloudpickle is especially useful for cluster computing where Python expressions are shipped over the network to execute on remote hosts, possibly close to the...

CVE-2025-12860

A vulnerability was found in DedeBIZ up to 6.3.2. Affected is an unknown function of the file /admin/freelistmain.php. The manipulation of the argument orderby results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2025-12860

A vulnerability was found in DedeBIZ up to 6.3.2. Affected is an unknown function of the file /admin/freelistmain.php. The manipulation of the argument orderby results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2025-12860 DedeBIZ freelist_main.php sql injection

A vulnerability was found in DedeBIZ up to 6.3.2. Affected is an unknown function of the file /admin/freelistmain.php. The manipulation of the argument orderby results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

EUVD-2025-38254

A vulnerability was found in DedeBIZ up to 6.3.2. Affected is an unknown function of the file /admin/freelistmain.php. The manipulation of the argument orderby results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

CVE-2025-12860 DedeBIZ freelist_main.php sql injection

A vulnerability was found in DedeBIZ up to 6.3.2. Affected is an unknown function of the file /admin/freelistmain.php. The manipulation of the argument orderby results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...

DedeBIZ 安全漏洞

DedeBIZ is a content management system from China Muyun Intelligence DedeBIZ company. A security vulnerability exists in DedeBIZ 6.3.2 and earlier versions, which stems from an incorrect manipulation of the parameter orderby in the file /admin/freelistmain.php, which could lead to a SQL injection...

ASB-A-374746961

In btahfclientcbinit of btahfclientmain.cc, there is a possible remote code execution due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2025-47045

Name of the Vulnerable Software and Affected Versions D-Link DIR-816L version 2 06 b09 beta Description A stack-based buffer overflow exists in the scandir main function of the /portal/ ajax exporer.sgi file. This flaw can be exploited remotely. The argument en can be manipulated to trigger the...