644 matches found
EUVD-2024-0055
Malicious code in bioql PyPI...
EUVD-2025-21408
Malicious code in bioql PyPI...
EUVD-2024-17541
Malicious code in bioql PyPI...
EUVD-2025-19545
Malicious code in bioql PyPI...
EUVD-2023-24315
Malicious code in bioql PyPI...
EUVD-2023-59115
Malicious code in bioql PyPI...
EUVD-2025-30101
Malicious code in bioql PyPI...
EUVD-2022-43082
Malicious code in bioql PyPI...
EUVD-2023-1130
Malicious code in bioql PyPI...
@art-ws/openapi (>=0.1.1 <=0.1.8) potentially affected by unknown CVE via @art-ws/fastify-http-server (>=2.0.15 <=2.0.23)
@art-ws/fastify-http-server NPM version =2.0.15, =0.1.1, =0.1.8 Source cves: unknown CVE Source advisory: OSV:MAL-2025-47378...
MAL-2025-47380 Malicious code in @art-ws/openapi (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 95bf1ca6cf44627c0e79bccad94ab171021ece601814ac65cc70d055d925a3f0 Any computer that has this package installed or running should be considered fully compromised. All...
@art-ws/fastify-http-server (>=2.0.1 <=2.0.23), @art-ws/openapi (>=0.1.1 <=0.1.8) potentially affected by unknown CVE via @art-ws/di (>=2.0.1 <=2.0.27)
@art-ws/di NPM version =2.0.1, =2.0.1, =0.1.1, =0.1.8 Source cves: unknown CVE Source advisory: OSV:MAL-2025-47375...
@art-ws/fastify-http-server (>=2.0.1 <=2.0.23), @art-ws/openapi (>=0.1.1 <=0.1.8) potentially affected by unknown CVE via @art-ws/http-server (>=2.0.1 <=2.0.20)
@art-ws/http-server NPM version =2.0.1, =2.0.1, =0.1.1, =0.1.8 Source cves: unknown CVE Source advisory: OSV:MAL-2025-47379...
Malicious code in @art-ws/openapi (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 95bf1ca6cf44627c0e79bccad94ab171021ece601814ac65cc70d055d925a3f0 Any computer that has this package installed or running should be considered fully compromised. All...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...
@art-ws/openapi (>=0.1.1 <=0.1.8) potentially affected by unknown CVE via @art-ws/fastify-http-server (>=2.0.15 <=2.0.23)
@art-ws/fastify-http-server NPM version =2.0.15, =0.1.1, =0.1.8 Source cves: unknown CVE Source advisory: SNYK:JS-ARTWSFASTIFYHTTPSERVER-12744474...
@art-ws/fastify-http-server (>=2.0.1 <=2.0.23), @art-ws/openapi (>=0.1.1 <=0.1.8) potentially affected by unknown CVE via @art-ws/di (>=2.0.1 <=2.0.27)
@art-ws/di NPM version =2.0.1, =2.0.1, =0.1.1, =0.1.8 Source cves: unknown CVE Source advisory: SNYK:JS-ARTWSDI-12744471...
Linux Distros Unpatched Vulnerability : CVE-2022-3726
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Lack of sand-boxing of OpenAPI documents in GitLab CE/EE affecting all versions from 12.6 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows...
Linux Distros Unpatched Vulnerability : CVE-2024-1816
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab CE/EE affecting all versions starting from 12.0 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1...
Malicious code in okta-sdk-golang-openapi (npm)
The package okta-sdk-golang-openapi was found to contain malicious code...