Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/12 10:25 p.m.2 views

Malicious code in poliaoz-aiksgsdfo-aoan (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 18bf154c5946019e6b144b54d55e67c4fed573cad4a4b6d095f49cf1a3b2d722 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSVadded 2025/11/11 7:26 a.m.1 views

MAL-2025-109330 Malicious code in supreme_owl_0xrequest (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 874b49c40a120c8cd737c59143cd40704d0001988bfdd07366441a651f0d8352 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/11 5:18 a.m.2 views

Malicious code in diverse_aphid_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 98da005aba61a420a4da58f81bc6deea3357a6e20f49591b7300f138327c9d79 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packagesadded 2025/11/10 5:21 p.m.2 views

Malicious code in andi-dradag96-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 93ec9816659763a7fc97ea277c88de361499d984e84775e38dba5b2b3d500bc4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
NVD
NVDadded 2008/07/21 4:41 p.m.13 views

CVE-2008-3187

zypp-refresh-patches in zypper in SUSE openSUSE 10.2, 10.3, and 11.0 does not ask the user before accepting repository keys, which allows remote repositories to cause a denial of service package data corruption via a spoofed key...

5CVSS6.5AI score0.00348EPSS
Exploits1References4
Prion
Prionadded 2008/07/21 4:41 p.m.14 views

Design/Logic Flaw

zypp-refresh-patches in zypper in SUSE openSUSE 10.2, 10.3, and 11.0 does not ask the user before accepting repository keys, which allows remote repositories to cause a denial of service package data corruption via a spoofed key...

5CVSS7AI score0.00348EPSS
Exploits1References4Affected Software1
CVE
CVEadded 2008/07/21 4:0 p.m.54 views

CVE-2008-3187

This CVE affects SUSE/openSUSE’s zypper/zypp-refresh-patches workflow. Specifically, in SUSE openSUSE 10.2, 10.3, and 11.0, the component does not prompt before accepting repository keys, allowing a remote repository to trigger a denial of service (package data corruption) via a spoofed key. The ...

5CVSS6.5AI score0.00348EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder