Lucene search
K

311914 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/31 2:9 a.m.7 views

Malicious code in mkdocs-dataopslive (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a4d8685e053f4695197aa6f21d1fbdad08a1162352aa913aff91ea9753036529 Package exploits dependency confusion. A beacon request is used to report usage back, but no additional information are exfiltrated. --- Category:...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/01/30 10:15 p.m.6 views

CVE-2025-36184

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 could allow an instance owner to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level...

7.2CVSS6.7AI score0.00471EPSS
Exploits0References1
OSV
OSV
added 2026/01/30 10:15 p.m.5 views

UBUNTU-CVE-2025-36184

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 11.5.0 - 11.5.9 could allow an instance owner to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level...

7.2CVSS6.8AI score0.00471EPSS
Exploits0References3
EUVD
EUVD
added 2026/01/30 4:16 p.m.5 views

EUVD-2020-30957

Outline Service 1.3.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in C:\Program Files x86\Outline to inject malicious code that would execute with...

8.5CVSS6.2AI score0.00127EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/30 4:16 p.m.29 views

CVE-2020-37030 Outline Service 1.3.3 - 'Outline Service ' Unquoted Service Path

Outline Service 1.3.3 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in C:\Program Files x86\Outline to inject malicious code that would execute with...

8.5CVSS0.00127EPSS
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/30 10:14 a.m.11 views

Malicious code in userver-requires-at-least-python-3-10 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 482925eb73388f3c834ceef6db5714f819970521367f7129878e38afbaa08bf0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/29 4:22 a.m.6 views

Malicious code in researchpoc2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 543f158149a74f451a6b81f0c088ec8bcfbfb019477a57c17c44da8e58e2df3d The package researchpoc2 was found to contain malicious code. Source: ghsa-malware f4dc24e7a14111cc2df68f08d7e66d1493e2c98b12d547140775f16bfe49f56c A...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/01/29 4:14 a.m.7 views

MAL-2026-599 Malicious code in jwt-pack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4102b59becb214e216d479ce014231e41dd264560b48ef7750c7006a3c86e7d6 The package jwt-pack was found to contain malicious code. Source: ghsa-malware c16aba10441aad949bd96fd2a349f2f59d62bf56708394fd925b432c57e2c91b Any...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/29 4:14 a.m.9 views

Malicious code in jwt-pack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4102b59becb214e216d479ce014231e41dd264560b48ef7750c7006a3c86e7d6 The package jwt-pack was found to contain malicious code. Source: ghsa-malware c16aba10441aad949bd96fd2a349f2f59d62bf56708394fd925b432c57e2c91b Any...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/01/29 3:52 a.m.5 views

MAL-2026-597 Malicious code in n8n-nodes-comfyui-illu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f55ef8a1d72164c700fe4a5c05d4fa8150e2162291f8a65f5505304b2aeb46b The package n8n-nodes-comfyui-illu was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/29 3:52 a.m.9 views

Malicious code in n8n-nodes-comfyui-illu (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f55ef8a1d72164c700fe4a5c05d4fa8150e2162291f8a65f5505304b2aeb46b The package n8n-nodes-comfyui-illu was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/01/29 3:47 a.m.5 views

MAL-2026-598 Malicious code in wallet-icon-font (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a89aa304ab9d5d7a44ee3e88112f9e35b876ad03a87090749c929e882289c721 The package wallet-icon-font was found to contain malicious code. Source: ghsa-malware 319f118931c6d4b46c7bf09c9474dd23e24873b1c32f093f631cc3dccd10ec...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/01/29 12:3 a.m.5 views

MAL-2026-596 Malicious code in turbotax (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 482f0494fdcfb328794613ca7098174eb93b12a55cc53cb57b73930df8ad238a The package turbotax was found to contain malicious code. Source: ossf-package-analysis...

5.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/28 7:48 p.m.11 views

Malicious code in morty-package (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d87e4d2c5f3096d67a98e166e70ed6d4288c7d7554852e8d14bb60213f9a574b Package presents an extremely deep obfuscation of a code that is imported during installation. The exact behavior is unknown, but it includes loading encrypted...

6AI score
Exploits0References1
OSV
OSV
added 2026/01/28 7:45 p.m.5 views

MAL-2026-594 Malicious code in epic-asset-uploader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cc2cb990940a69aa54175e17a56f993e9c380e4eb2bbe8fc9f6e86c09b252464 The package epic-asset-uploader was found to contain malicious code. Source: ghsa-malware...

5.6AI score
Exploits0References1
OSV
OSV
added 2026/01/28 5:56 p.m.5 views

MAL-2026-593 Malicious code in pypi-package-explore (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 54257ec88b5f7a5bd69177f84a4c396ab208e727ba1c7b079056f1fab2705c37 Package presents an extremely deep obfuscation of a code that is imported during installation. The exact behavior is unknown, but it includes loading encrypted...

6AI score
Exploits0References1
Snyk
Snyk
added 2026/01/28 4:41 p.m.4 views

Malicious Package

Overview oxnoxon is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/01/28 4:39 p.m.8 views

Malicious code in kol7a (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a81ab7bff0ce4494ac98d492444f18a8ec22e0d34f4cbaa30314de910b6a1039 The package kol7a was found to contain malicious code. Source: ghsa-malware 34930716d17313165d83a1830db1542583fbd4c6e6cf873c66cb3dfb5fbfb336 Any...

5.8AI score
Exploits0References1
Snyk
Snyk
added 2026/01/28 4:33 p.m.4 views

Malicious Package

Overview fontcharacter is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.9AI score
Exploits0References2
Snyk
Snyk
added 2026/01/28 4:33 p.m.3 views

Malicious Package

Overview mona-service-target-lynx is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.9AI score
Exploits0References2
Rows per page
Query Builder