Lucene search
K

111 matches found

OSV
OSV
added 2025/11/10 5:21 p.m.2 views

MAL-2025-55968 Malicious code in effective_spoonbill_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f74924a4772ee9ebb15d7712f24113e3d2f9e0186996efab6f6dc154aa7ace05 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/10 4:5 a.m.2 views

Malicious code in candra-empal72-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bd139ca8e4ffff0a5d97377ece479139d3513afc0eeac5703c01342b6936815 The package candra-empal72-breki was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flood...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/10 4:5 a.m.2 views

Malicious code in dewi-lepet59-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5d9e316c9be55841b614c08a60e4d89b5a953055bc3ddd2c5546ec713d4d3acd The package dewi-lepet59-riris was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flooded...

6.9AI score
Exploits0
NVD
NVD
added 2019/02/04 9:29 p.m.9 views

CVE-2019-1000012

Hex package manager version 0.14.0 through 0.18.2 contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from malicious/compromised...

8.8CVSS8.9AI score0.00877EPSS
Exploits0References2
NVD
NVD
added 2019/02/04 9:29 p.m.25 views

CVE-2019-1000013

Hex package manager hexcore version 0.3.0 and earlier contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from malicious/compromis...

8.8CVSS8.9AI score0.00877EPSS
Exploits0References2
NVD
NVD
added 2019/02/04 9:29 p.m.10 views

CVE-2019-1000014

Erlang/OTP Rebar3 version 3.7.0 through 3.7.5 contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via Victim fetches packages from malicious/compromised mirro...

8.8CVSS8.9AI score0.0179EPSS
Exploits0References1
OSV
OSV
added 2019/02/04 9:29 p.m.20 views

CVE-2019-1000013

Hex package manager hexcore version 0.3.0 and earlier contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from malicious/compromis...

8.8CVSS7.3AI score
Exploits0References2
Cvelist
Cvelist
added 2019/02/04 9:0 p.m.25 views

CVE-2019-1000013

Hex package manager hexcore version 0.3.0 and earlier contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from malicious/compromis...

9AI score0.00877EPSS
Exploits0References2
CVE
CVE
added 2019/02/04 9:0 p.m.47 views

CVE-2019-1000012

Hex package manager versions 0.14.0–0.18.2 contain a signing oracle vulnerability in the package registry verification, which can allow package modifications to go undetected and lead to code execution when victims fetch packages from a malicious/compromised mirror. The issue is tied to the regis...

8.8CVSS8.9AI score0.00877EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/02/04 9:0 p.m.22 views

CVE-2019-1000012

Hex package manager version 0.14.0 through 0.18.2 contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from malicious/compromised...

8.9AI score0.00877EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/08/29 12:0 a.m.17 views

Fedora 20 : perl-Plack-1.0031-1.fc20 (2014-9542)

---------------------------------------------------------------------- ---------- ChangeLog : - Fri Aug 8 2014 Ralf Corsepius - 1.0031-1 - Upstream update. - Thu Jan 16 2014 Ralf Corsepius - 1.0030-3 - Move misplaced %exclude-line from base-package to -Test. - Wed Jan 15 2014 Ralf Corsepius -...

5CVSS5.3AI score0.02455EPSS
Exploits0References3
Rows per page
Query Builder