Lucene search
K

790 matches found

OSV
OSV
added 2025/10/23 6:22 a.m.8 views

SUSE-SU-2025:3744-1 Security update for aws-cli, local-npm-registry, python-boto3, python-botocore, python-coverage, python-flaky, python-pluggy, python-pytest, python-pytest-cov, python-pytest-html, python-pytest-metadata, python-pytest-mock

This update for aws-cli, local-npm-registry, python-boto3, python-botocore, python-coverage, python-flaky, python-pluggy, python-pytest, python-pytest-cov, python-pytest-html, python-pytest-metadata, python-pytest-mock contains the following fixes: Changes in aws-cli: - Update to 1.33.26...

9.1CVSS6.7AI score0.00873EPSS
Exploits1References13
OSV
OSV
added 2025/09/05 5:10 p.m.2 views

MAL-2025-42899 Malicious code in @teamteanpm2024/similique-non-laudantium (npm)

The package @teamteanpm2024/similique-non-laudantium was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in atmpaxos (npm)

The package atmpaxos was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in d-zyx (npm)

The package d-zyx was found to contain malicious code...

7AI score
Exploits0
Snyk
Snyk
added 2023/02/21 8:17 a.m.3 views

Malicious Package

Overview tools-access-express is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

9.8CVSS7.1AI score
Exploits0References3
Snyk
Snyk
added 2022/09/28 8:13 a.m.2 views

Malicious Package

Overview v2ish1yan is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

9.8CVSS7.1AI score
Exploits0References3
Snyk
Snyk
added 2022/09/28 8:12 a.m.2 views

Malicious Package

Overview @aszxc/npmexp is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

9.8CVSS7.1AI score
Exploits0References3
Snyk
Snyk
added 2022/09/08 11:24 a.m.2 views

Malicious Package

Overview en-task-duedate-utils is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

9.8CVSS7.1AI score
Exploits0References3
Snyk
Snyk
added 2022/06/23 9:24 a.m.2 views

Malicious Package

Overview @sky-mavis/design-system is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

9.8CVSS7AI score
Exploits0References3
Snyk
Snyk
added 2022/06/23 9:24 a.m.4 views

Malicious Package

Overview mad-expo-core is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

9.8CVSS7AI score
Exploits0References3
Rows per page
Query Builder