Lucene search
K

17 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/09 12:17 a.m.4 views

Malicious code in study-lab-npm-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ddc0a35e84f7b481414283261b7ca20709c25f15da68f387188a9eb0def1b523 The package study-lab-npm-test was found to contain malicious code...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-1172

Malware in sbrugna...

9.3CVSS8AI score0.01752EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in npm-test-install (npm)

The package npm-test-install was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in beishanxueyuan-npm-test (npm)

The package beishanxueyuan-npm-test was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-27847 Malicious code in npm-test-install (npm)

The package npm-test-install was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/04/23 3:56 p.m.0 views

Malicious code in npm-test-lowerx3 (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2024/10/09 2:7 p.m.3 views

MAL-2024-9184 Malicious code in shmam-test-npm-test-5 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b028136f8820f808eb720a45a7f396272c884a63944c004999ce50781449b6d7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Snyk
Snyk
added 2023/01/29 3:29 p.m.2 views

Malicious Package

Overview bbq-123-npm-test is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package...

9.8CVSS7.1AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 9:13 p.m.3 views

Malicious code in npm-test-failer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4f5a379a5c56d0b7d910cd1583efec3a5fe98687eef6cc10097b99682dbde7ac Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/20 9:13 p.m.4 views

MAL-2022-4942 Malicious code in npm-test-failer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4f5a379a5c56d0b7d910cd1583efec3a5fe98687eef6cc10097b99682dbde7ac Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2020/09/01 4:15 p.m.62 views

Downloads Resources over HTTP in npm-test-sqlite3-trunk

Affected versions of npm-test-sqlite3-trunk insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code executio...

9.3CVSS6.4AI score0.01752EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2020/09/01 4:15 p.m.20 views

GHSA-MF7C-58Q5-7V65 Downloads Resources over HTTP in npm-test-sqlite3-trunk

Affected versions of npm-test-sqlite3-trunk insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code executio...

9.3CVSS8.1AI score0.01752EPSS
Exploits0References2
NVD
NVD
added 2018/06/04 7:29 p.m.26 views

CVE-2016-10695

The npm-test-sqlite3-trunk module provides asynchronous, non-blocking SQLite3 bindings. npm-test-sqlite3-trunk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an...

9.3CVSS8.3AI score0.01752EPSS
Exploits0References1
Prion
Prion
added 2018/06/04 7:29 p.m.14 views

Remote code execution

The npm-test-sqlite3-trunk module provides asynchronous, non-blocking SQLite3 bindings. npm-test-sqlite3-trunk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an...

9.3CVSS8AI score0.01752EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2018/06/04 7:29 p.m.17 views

CVE-2016-10695

The npm-test-sqlite3-trunk module provides asynchronous, non-blocking SQLite3 bindings. npm-test-sqlite3-trunk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an...

8.1CVSS8.6AI score
Exploits0References1
Cvelist
Cvelist
added 2018/06/04 7:0 p.m.26 views

CVE-2016-10695

The npm-test-sqlite3-trunk module provides asynchronous, non-blocking SQLite3 bindings. npm-test-sqlite3-trunk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution RCE by swapping out the requested resources with an...

8.3AI score0.01752EPSS
Exploits0References1
Veracode
Veracode
added 2018/05/18 4:21 a.m.7 views

Malicious Test Script

ladder-text-js is vulnerable to malicious test script. The package contains a malicious test script that attempts to delete all files on the system when the npm test command is run...

6.7AI score
Exploits0
Rows per page
Query Builder