Lucene search
K

1926 matches found

OSV
OSV
added 3 days ago8 views

MAL-2026-6748 Malicious code in haproxy-config-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f70d07844bca4fadfcedb195f5768c8a95318af4d62a4bcec94556b99b72c4ad During installation the obfuscated code downloads a malicious executable from a remote location. Code is designed to survive different blocks: first, there is ...

6.2AI score
Exploits0References2
Nuclei
Nuclei
added 3 days ago49 views

XWiki < 4.10.15 - Email Disclosure

The Solr-based search in XWiki discloses the email addresses of users even when obfuscation of email addresses is enabled. To demonstrate the vulnerability, search for objcontent:email using XWiki's regular search interface. id: CVE-2023-50720 info: name: XWiki 4.10.15 - Email Disclosure author:...

5.3CVSS6.1AI score0.59119EPSS
Exploits0References2
Krebs on Security
Krebs on Security
added 4 days ago9 views

FBI Seizes NetNut Proxy Platform, Popa Botnet

The Federal Bureau of Investigation FBI said today it worked with industry partners to seize hundreds of domains associated with NetNut , a sprawling residential proxy service operated by the publicly-traded Israeli company Alarum TechnologiesNASDAQ: ALAR. The action comes roughly two weeks after...

5.9AI score
Exploits0
EUVD
EUVD
added 6 days ago8 views

EUVD-2022-52713

RabbitMQ has predictable credential obfuscation seed value used in Shovel and Federation plugins...

7.5CVSS7.1AI score0.00307EPSS
Exploits0References4
OSV
OSV
added 2026/06/27 8:52 p.m.9 views

MAL-2026-6549 Malicious code in discord-token-generator (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ebd016cfcb52b59c0141268099b96c1336a15ca1d0afce46f367c7fe376f57de discordtokengenerator/init.py imports tokens.py, which instantiates TokenManager at module load. The constructor calls notin, which concatenates eigh...

5.9AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/26 9:23 a.m.6 views

Malicious code in sqligen (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de59ac5884f286d69e42a71ba0cb7b99aa06d2b1f0e28a279a84d3db86eb3196 setup.py contains an obfuscated install-time dropper that fires on Windows. Two functions with diagnostic-sounding names 'GetDefaultSystemPolicy' /...

6.5AI score
Exploits0References7
OSV
OSV
added 2026/06/26 9:23 a.m.5 views

MAL-2026-6515 Malicious code in sqligen (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de59ac5884f286d69e42a71ba0cb7b99aa06d2b1f0e28a279a84d3db86eb3196 setup.py contains an obfuscated install-time dropper that fires on Windows. Two functions with diagnostic-sounding names 'GetDefaultSystemPolicy' /...

6.5AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/23 2:12 p.m.7 views

Malicious code in @outmarket/utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2cd90f0d706cda01a5740f120f6e8d22ae57d907a5000854439c201b3c53a8c0 package.json declares a postinstall lifecycle script that fires automatically on npm install. The inline node -e payload uses hex-encoded property...

5.9AI score
Exploits0References3
OSV
OSV
added 2026/06/20 11:24 p.m.18 views

MAL-2026-6247 Malicious code in requests-enhancer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0f61f1a905e0ec1bb593f7b20d4f9a8a9e72deeb16440f72acbcaf00aeab1cd On import requestsenhancer, the package's init.py spawns a daemon thread that runs pip install...

6.7AI score
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in the WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI through a crafted HTML page. Chromium security severity: Low...

4.3CVSS6.3AI score0.00646EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Color in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI through a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6.2AI score0.00657EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Permission Prompts in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6AI score0.00657EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 9:32 p.m.8 views

Malicious code in syncagents (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aebf468a6887fb09002d4ae4aceab77e347034b389b02e252844f7d0d81fabd6 The PyPI package 'syncagents' impersonates the legitimate PyPI package 'agentsync' — the README, PKG-INFO, CHANGELOG, and project URLs all point at...

5.9AI score
Exploits0References6
OSV
OSV
added 2026/06/17 9:32 p.m.18 views

MAL-2026-6083 Malicious code in syncagents (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aebf468a6887fb09002d4ae4aceab77e347034b389b02e252844f7d0d81fabd6 The PyPI package 'syncagents' impersonates the legitimate PyPI package 'agentsync' — the README, PKG-INFO, CHANGELOG, and project URLs all point at...

5.9AI score
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 4:22 p.m.6 views

Malicious code in chai-as-polished (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2ea0d46e0bb4382e8d684d025cb72b7f99e37874c571e9946ae1268b70be6cf Package name is a one-edit typosquat of the widely-used chai-as-promised, but the shipped code is unrelated to chai. The exported middleware spawns a...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/06/16 9:48 a.m.9 views

MAL-2026-5876 Malicious code in temp-development-package-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5cdc1d94dd0cfb62a4a0267ae52bf1a72dfa31a6854196b4bb220759b7c6e878 Starting with version 0.4, package installs a sitecustomize.py that executes during Python engine initialization. The embeded code uses mshta to download...

5.6AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 8:58 a.m.12 views

Malicious code in myfirstpackagetestaaa (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c05b4934471efac919453e87b37a94a9a92c930455283c0bfb85b535c61f4a6b During installation, the code attempts to download and start a malicious executable. Likely related to 2025-08-raknet-testing-package. --- Category: MALICIOUS ...

5.5AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/16 8:47 a.m.8 views

Malicious code in aaaazzzzaz (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c1698c50a4706300296a442bbb0ae57280e870d8c83575d68218143e4ffd6645 During installation, the code attempts to download and start a malicious executable. Likely related to 2025-08-raknet-testing-package. --- Category: MALICIOUS ...

5.5AI score
Exploits0References5
OSV
OSV
added 2026/06/16 8:47 a.m.6 views

MAL-2026-5874 Malicious code in aaaazzzzaz (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c1698c50a4706300296a442bbb0ae57280e870d8c83575d68218143e4ffd6645 During installation, the code attempts to download and start a malicious executable. Likely related to 2025-08-raknet-testing-package. --- Category: MALICIOUS ...

5.5AI score
Exploits0References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/15 10:0 p.m.8 views

Malicious code in testpackagemanyhttpsgo (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 336f39e218fe5b5a09ef8ee7757efa7a0ca73c0fe6571bc232d735448499a950 At install time, setup.py fetches https://tmpfiles.org/dl/wawHVGgfydD7/6a306c5f03a52.exe via urllib, writes the response to disk, and executes it wit...

5.6AI score
Exploits0References6
Rows per page
Query Builder