Lucene search
+L

9 matches found

osv
osv
added 2 days ago3 views

MAL-2026-10613 Malicious code in ethereum-lib-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 58bddf420dcb894a940b62fba777628f0c3a9d31dd7fa915afaea618c1914d52 Package [email protected] impersonates the widely-used ethereumjs-util library: the package name, README badge, repository, homepage, and auth...

6.2AI score
Exploits0References2
ossf
ossf
added 2026/06/23 3:55 p.m.9 views

Malicious code in web3-eth-util (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2e70ad91037bdc97e6b1ab8c95f5f2b5eecdb4524582d79dae5f240cbdbfc29 Package name and metadata impersonate the legitimate @ethereumjs/util / ethereumjs-util packages: README is copied verbatim from the upstream...

6.1AI score
Exploits0References2
osv
osv
added 2026/06/23 3:55 p.m.6 views

MAL-2026-6325 Malicious code in web3-eth-util (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f2e70ad91037bdc97e6b1ab8c95f5f2b5eecdb4524582d79dae5f240cbdbfc29 Package name and metadata impersonate the legitimate @ethereumjs/util / ethereumjs-util packages: README is copied verbatim from the upstream...

6.1AI score
Exploits0References2
euvd
euvd
added 2026/01/05 9:43 p.m.8 views

EUVD-2026-0847

jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first argument of the loadFile method in the node.js build allows local file inclusion/path traversal. If given the possibility to pass unsanitized paths to the loadFile method, a user can retrieve file...

9.2CVSS6.3AI score0.02058EPSS
Exploits2References4
vulnrichment
vulnrichment
added 2026/01/05 9:43 p.m.6 views

CVE-2025-68428 jsPDF has Local File Inclusion/Path Traversal vulnerability

jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first argument of the loadFile method in the node.js build allows local file inclusion/path traversal. If given the possibility to pass unsanitized paths to the loadFile method, a user can retrieve file...

9.2CVSS6.4AI score0.02058EPSS
Exploits2References3
cvelist
cvelist
added 2026/01/05 9:43 p.m.51 views

CVE-2025-68428 jsPDF has Local File Inclusion/Path Traversal vulnerability

jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first argument of the loadFile method in the node.js build allows local file inclusion/path traversal. If given the possibility to pass unsanitized paths to the loadFile method, a user can retrieve file...

9.2CVSS0.02058EPSS
Exploits2References3
ossf
ossf
added 2023/04/29 1:25 a.m.9 views

Malicious code in donuts.node-build (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6b8d6fee5827de9688cc9b83812dc32e54e33531a0bd2fd179dc3e2935564dc7 The OpenSSF Package Analysis project identified 'donuts.node-build' @ 99.99.104 npm as malicious. It is considered malicious because: - The...

7.1AI score
Exploits0References1
snyk
snyk
added 2023/03/01 8:18 a.m.4 views

Malicious Package

Overview donuts.node-build is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package...

9.8CVSS7.1AI score
Exploits0References3
nessus
nessus
added 2014/11/08 12:0 a.m.56 views

RHEL 6 : rhev-hypervisor6 (RHSA-2012:1375)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:1375 advisory. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor...

7.8CVSS6.6AI score0.06158EPSS
Exploits1References9
Rows per page
Query Builder