androidqf: APK download Path Traversal in device APK paths

Summary During device acquisition, getPathToLocalCopy constructs local filesystem paths for downloaded APKs using a filename component extracted by extractFileName. The extraction splits on ==/ and takes the remainder without sanitization. If a compromised device returns a crafted APK path...

Relative Path Traversal

Overview Affected versions of this package are vulnerable to Relative Path Traversal due to unsafe path handling. An attacker can access, overwrite, or delete files outside the intended directories by supplying specially crafted names or archive entries containing path traversal sequences...

EUVD-2021-1018

Malware in sbrugna...

MAL-2025-46999 Malicious code in @amazon-bedrock-agents-healthcare-lifesciences/docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ecf7f917126f8a71d26227e7f55cdabe99eed6831cb23345e4045192f6a36446 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection via the dataAdminusername parameter in the /apprain/admin/manage/add/ path. An attacker can access, modify, or delete database records by injecting crafted input. Remediation There is no fixed version for apprain/apprain...

Malicious code in @espace-client-axafr/arret-travail (npm)

The package communicates with a domain associated with malicious activity...

Malicious code in @malware-test-tossy-beany-ryals-makos/test-mlw3-tossy-beany-ryals-makos (npm)

The package @malware-test-tossy-beany-ryals-makos/test-mlw3-tossy-beany-ryals-makos was found to contain malicious code...

MAL-2025-8726 Malicious code in @malware-test-inure-rondo-woven-total/test-mlw3-inure-rondo-woven-total (npm)

The package @malware-test-inure-rondo-woven-total/test-mlw3-inure-rondo-woven-total was found to contain malicious code...

MAL-2025-8581 Malicious code in @malware-test-cross-pitta-olive-hards/test-mlw3-cross-pitta-olive-hards (npm)

The package @malware-test-cross-pitta-olive-hards/test-mlw3-cross-pitta-olive-hards was found to contain malicious code...

MAL-2025-8718 Malicious code in @malware-test-hoofs-slobs-cusps-winze/test-mlw3-hoofs-slobs-cusps-winze (npm)

The package @malware-test-hoofs-slobs-cusps-winze/test-mlw3-hoofs-slobs-cusps-winze was found to contain malicious code...

Malicious code in @malware-test-quite-tabby-sider-rabis/test-mlw3-quite-tabby-sider-rabis (npm)

The package @malware-test-quite-tabby-sider-rabis/test-mlw3-quite-tabby-sider-rabis was found to contain malicious code...

MAL-2025-8750 Malicious code in @malware-test-laces-genii-cobby-feyer/test-mlw3-laces-genii-cobby-feyer (npm)

The package @malware-test-laces-genii-cobby-feyer/test-mlw3-laces-genii-cobby-feyer was found to contain malicious code...

MAL-2025-8449 Malicious code in @malware-test-adage-fisks-steek-ogler/test-mlw3-adage-fisks-steek-ogler (npm)

The package @malware-test-adage-fisks-steek-ogler/test-mlw3-adage-fisks-steek-ogler was found to contain malicious code...

MAL-2025-9057 Malicious code in @malware-test-walla-lakhs-sumph-habit/test-mlw3-walla-lakhs-sumph-habit (npm)

The package @malware-test-walla-lakhs-sumph-habit/test-mlw3-walla-lakhs-sumph-habit was found to contain malicious code...

MAL-2025-8792 Malicious code in @malware-test-miffy-diact-zizel-palms/test-mlw3-miffy-diact-zizel-palms (npm)

The package @malware-test-miffy-diact-zizel-palms/test-mlw3-miffy-diact-zizel-palms was found to contain malicious code...

MAL-2025-9088 Malicious code in @malware-test-zeros-cheep-howes-ciggy/test-mlw3-zeros-cheep-howes-ciggy (npm)

The package @malware-test-zeros-cheep-howes-ciggy/test-mlw3-zeros-cheep-howes-ciggy was found to contain malicious code...

MAL-2025-9039 Malicious code in @malware-test-unrid-stint-biccy-roils/test-mlw3-unrid-stint-biccy-roils (npm)

The package @malware-test-unrid-stint-biccy-roils/test-mlw3-unrid-stint-biccy-roils was found to contain malicious code...

MAL-2025-8608 Malicious code in @malware-test-drail-reran-otter-theek/test-mlw3-drail-reran-otter-theek (npm)

The package @malware-test-drail-reran-otter-theek/test-mlw3-drail-reran-otter-theek was found to contain malicious code...

MAL-2025-8670 Malicious code in @malware-test-ghoul-burps-zinke-dumky/test-mlw3-ghoul-burps-zinke-dumky (npm)

The package @malware-test-ghoul-burps-zinke-dumky/test-mlw3-ghoul-burps-zinke-dumky was found to contain malicious code...

MAL-2025-8516 Malicious code in @malware-test-boyau-punga-teers-fraps/test-mlw3-boyau-punga-teers-fraps (npm)

The package @malware-test-boyau-punga-teers-fraps/test-mlw3-boyau-punga-teers-fraps was found to contain malicious code...