Lucene search
K

257 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/01/08 8:46 p.m.3 views

Malicious code in alchemy-web3-webpack-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0baf7db6925882a96eddaa00b4877f9147183d9b00a85fd69b02e5fe625f7ff7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/18 7:51 a.m.2 views

Malicious code in baby-loris (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9155edd098ee3fed04541b192087704f5a42b1f149bdd0f4f487d7e0ae941870 The OpenSSF Package Analysis project identified 'baby-loris' @ 1.0.2 npm as malicious. It is considered malicious because: - The package...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/04 8:43 p.m.4 views

Malicious code in private-lib-bug-bounty (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ef8c8e73b8b4d3414d06cadfd08f308a41276fe31204d26bc85d1eb566c4923c The OpenSSF Package Analysis project identified 'private-lib-bug-bounty' @ 1.0.0 npm as malicious. It is considered malicious because: - The...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/04 11:57 a.m.3 views

Malicious code in vue-midata (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fc06ec1e2eb7c0a1bd2a27e81568ad8ee48c80f63b74284118e768a9740222e2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References1
CNVD
CNVD
added 2024/11/21 12:0 a.m.9 views

Unspecified vulnerability in Linux kernel (CNVD-2024-46429)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that placing packets into a dql queue after the dma engine has been started can result in a...

4.7CVSS6.6AI score0.00136EPSS
Exploits0References1
CNVD
CNVD
added 2024/11/21 12:0 a.m.9 views

Unspecified vulnerability in Linux kernel (CNVD-2024-46414)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unpacked kmalloccachenoprof.No details of the vulnerability are provided at this time...

5.5CVSS6.7AI score0.002EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/11/20 4:40 p.m.4 views

Malicious code in spex-node-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0a39b71a7706221a863e8129674f28f4e5a1aec4ad4dfca5cdb243a0a4916901 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/11/20 3:3 a.m.4 views

Malicious code in cljs-dopeloop (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9232bb9421a218946057ab6688d62120e80b911ca38062d0ae6c42a951d2cddd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/11/08 12:15 p.m.6 views

Malicious code in deriv-app-id-action (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c03deb9ccf8f604f4e3ba191f6d8c2e3f94cc273950f13aafde768a468f13071 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/11/06 6:46 p.m.4 views

Malicious code in shot2story (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b1cb3804872d11b7f51bfc5588086dcdf5d8b68905b353e7b619ce55bfdf28a0 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...

7.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/11/06 6:46 p.m.5 views

Malicious code in huggingfaces-hub (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 030324e12766820002cc282dbac28f60bb0f2fc82d459e96c82f073a14e75592 A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...

7.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/11/06 6:46 p.m.4 views

Malicious code in hllm (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c984c02970a9295543df7e945c9aa0ab34b1102216b42ef189fa6d626274a00a A campaign of probably pentest packages flooding PYPI. Installing the package or importing the module triggers reporting basic info like hostname, path and the...

7.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/10/30 7:22 p.m.4 views

Malicious code in cms-core-redux (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e3940178777e39b1b416f9ed8d09fdf519cf9f5a3e2de2361da01655b196991d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/10/21 2:56 p.m.4 views

Malicious code in sn-flow-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2c83ae0b3aa74be7de2508ec17549e3bc00e40edd30c62322e91be77ea48e69 package.json declares a preinstall hook "preinstall": "node index.js" that runs index.js automatically on npm install. index.js requires childprocess...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/10/19 8:51 a.m.3 views

Malicious code in eslint-config-bc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6df69ef80bd1fa8d92354d60af1310a623bcc81f45747601445f423c670e0545 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/10/04 7:4 a.m.3 views

Malicious code in @linx-ui/shared (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis a70dd8ec71455f4177650ed33f72b8da1f8067e2afbebd634836da68f44cbc53 The OpenSSF Package Analysis project identified '@linx-ui/shared' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

6.9AI score
Exploits0
CNVD
CNVD
added 2024/09/29 12:0 a.m.6 views

Unspecified vulnerability in Linux kernel (CNVD-2024-40294)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel suffers from a security vulnerability that stems from a null pointer dereference. No details of the vulnerability are provided at this time...

5.5CVSS6.5AI score0.00236EPSS
Exploits0References1
CNVD
CNVD
added 2024/09/29 12:0 a.m.8 views

Unspecified vulnerability in Linux kernel (CNVD-2024-40274)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not checking the validity of an index before accessing the bwparams array. No details of the vulnerability a...

7.8CVSS6.5AI score0.00246EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/24 8:46 p.m.3 views

Malicious code in storj-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c29c7e82f958f9ed89af6fc324d687bfe4e15d4b2aa49fee39f5aeeb4eee5583 The OpenSSF Package Analysis project identified 'storj-docs' @ 1.0.0 npm as malicious. It is considered malicious because: - The package...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/07/26 4:53 p.m.6 views

Malicious code in cugraph-dgl (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6c1f145fd51ee7737cb44e28b07d4ec3bfe53f4a8aac51d0b8bce58ef8bd71f7 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.5AI score
Exploits0References1
Rows per page
Query Builder