9 matches found
Malicious Package
Overview: tensorzero-node is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview: redirect-0vaxnw is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview: @sev-ui-verse/hooks-and-helpers is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and th...
Linux Distros Unpatched Vulnerability : CVE-2013-2024
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OS command injection vulnerability in the qs procedure from the utils module in Chicken before 4.9.0. CVE-2013-2024 Note that Nessus relies on the presence of t...
Linux Distros Unpatched Vulnerability : CVE-2021-29977
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla developers reported memory safety bugs present in Firefox 89. Some of these bugs showed evidence of memory corruption and we presume that with enough...
Zhejiang Unicom APP has logic flaw vulnerability
Zhejiang Unicom mobile client is a communication service app. It supports exchange and communication between the company and its customers, allowing users to check their Internet traffic and package usage at any time. Zhejiang Unicom APP has a logic flaw vulnerability,...
Directory Traversal
Overview: Affected versions of commentapp.stetsonwood resolve relative file paths, resulting in a directory traversal vulnerability. A malicious actor can use this vulnerability to access files outside of the intended directory root, which may result in the disclosure of private files on the...
Downloads Resources over HTTP
Overview: Affected versions of node-bsdiff-android insecurely download resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. While the exact severity of impact for a vulnerability like this is highly variable and...
Downloads Resources over HTTP
Overview: Affected versions of scala-bin insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code execution on...