104 matches found
CVE-2025-65548
NUT-14 allows cashu tokens to be created with a preimage hash. However, nutshell cashubtc/nuts before 0.18.0 do not validate the size of preimage when the token is spent. The preimage is stored by the mint and attacker can exploit this vulnerability to fill the mint's db nd disk with arbitrary da...
CVE-2025-65548
NUT-14 allows cashu tokens to be created with a preimage hash. However, nutshell cashubtc/nuts before 0.18.0 do not validate the size of preimage when the token is spent. The preimage is stored by the mint and attacker can exploit this vulnerability to fill the mint's db nd disk with arbitrary da...
CVE-2025-65548
NUT-14 allows cashu tokens to be created with a preimage hash. However, nutshell cashubtc/nuts before 0.18.0 do not validate the size of preimage when the token is spent. The preimage is stored by the mint and attacker can exploit this vulnerability to fill the mint's db nd disk with arbitrary da...
EUVD-2025-140115
Malicious code in miusafasdaan-nut-afnaearaaf npm...
EUVD-2025-140105
Malicious code in miusafasdan-nut-afnaearaaf npm...
EUVD-2025-140108
Malicious code in miusafasdagan-nut-afnaearaaf npm...
EUVD-2025-136339
Malicious code in sgoodaini-sanuga-nut npm...
Malicious code in madr-nut-beligoli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b06e0a8f4ab314bb9e746545d27667c4cd16e8f114770f608c9c36487b1c7e27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-164409 Malicious code in polymedarnan-nut-budipe (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d4864b55573d5ca384cf229736eb5ebf87e67f1bbe814c3ef713d07118ed63b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in maalasha-nut-posis (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 438aba14c6fe2660a57161f64081ceee8f2e5f0749136edc537691c9b7a79d7c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in mad-nut-beligoli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7fb809b4793aa087e08c279bca8aca8e098b35265912ec35a96525daeaea7e4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in polymedarnan-nut-bant (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b71c2000559d356ff18e8e4b97c09e27da98e9fc046a38f5e162b62a54ad8a4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in madri-nut-beligoli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5bbe6bdbc961876685f05176c53466df1eb16ec1c332dd7653d3d9e6bbdeb628 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-164407 Malicious code in polymedarnan-nut-bantadl (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0a55c41ac5ac19249d235d8a5357e8c25cbe2185250f8962bf623b0f4e4c18be This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in polymedarnan-nut-banta (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a98d5a7ef8803e31b2ae096db721b9745dde7ee8391e1b6c3772ca10413ace29 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2020-19732
Malware in sbrugna...
EUVD-2016-7469
Malware in sbrugna...
EUVD-2016-7468
Malware in sbrugna...
EUVD-2016-7470
Malware in sbrugna...
CVE-2020-27213
An issue was discovered in Ethernut Nut/OS 5.1. The code that generates Initial Sequence Numbers ISNs for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existin...