Lucene search
K

127 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2012-1837

Malware in sbrugna...

6.5CVSS6.4AI score0.01574EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2012-1838

Malware in sbrugna...

6.5CVSS6.2AI score0.01574EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-18769

Malware in sbrugna...

8.8CVSS8.2AI score0.00228EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in @zalastax/nolb-pdm (npm)

The package @zalastax/nolb-pdm was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.5 views

MAL-2025-13111 Malicious code in @zalastax/nolb-pdm (npm)

The package @zalastax/nolb-pdm was found to contain malicious code...

7.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/09/04 8:1 a.m.5 views

Malicious code in pdm-skeleton (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c8ba9c7f0e8687739c6047f24241f9e715c735f096f38643dc9c818c09d6cab2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2024/09/04 8:1 a.m.7 views

MAL-2024-8794 Malicious code in pdm-skeleton (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c8ba9c7f0e8687739c6047f24241f9e715c735f096f38643dc9c818c09d6cab2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/10/24 12:59 a.m.8 views

SUSE CVE-2023-45805

pdm is a Python package and dependency manager supporting the latest PEP standards. It's possible to craft a malicious pdm.lock file that could allow e.g. an insider or a malicious open source project to appear to depend on a trusted PyPI project, but actually install another project. A project f...

7.8CVSS7.8AI score0.00512EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2023/10/20 7:30 p.m.10 views

adam-assist (>=0.1.1 <=0.3.9), adam-core (>=0.3.0 <=0.5.5) +49 more potentially affected by CVE-2023-45805 via pdm (>=1.15.5 <=2.9.3)

pdm PYPI version =1.15.5, =0.1.1, =0.3.0, =0.0.1, =0.1.2, =0.3.5, =2.0.0rc0, =0.1.0, =0.1.2, =0.1.0, =0.2.0, =0.1.5, =0.3.0, =0.1.0, =1.0.28 and more Source cves: CVE-2023-45805 Source advisory: OSV:GHSA-J44V-MMF2-XVM9...

7.8CVSS7.2AI score0.00512EPSS
Exploits1
OSV
OSV
added 2023/10/20 7:30 p.m.46 views

GHSA-J44V-MMF2-XVM9 PDM Trojan Lockfile

Summary It's possible to craft a malicious pdm.lock file that could allow e.g. an insider or a malicious open source project to appear to depend on a trusted PyPI project, but actually install another project. Details Project foo can be targeted by creating the project foo-2 and uploading the fil...

7.8CVSS7.5AI score0.00512EPSS
Exploits1References7
NVD
NVD
added 2023/10/20 7:15 p.m.31 views

CVE-2023-45805

pdm is a Python package and dependency manager supporting the latest PEP standards. It's possible to craft a malicious pdm.lock file that could allow e.g. an insider or a malicious open source project to appear to depend on a trusted PyPI project, but actually install another project. A project f...

7.8CVSS7.8AI score0.00512EPSS
Exploits1References5
OSV
OSV
added 2023/10/20 7:15 p.m.4 views

DEBIAN-CVE-2023-45805

pdm is a Python package and dependency manager supporting the latest PEP standards. It's possible to craft a malicious pdm.lock file that could allow e.g. an insider or a malicious open source project to appear to depend on a trusted PyPI project, but actually install another project. A project f...

7.8CVSS8AI score0.00512EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/10/20 6:12 p.m.26 views

CVE-2023-45805 Trojan Lockfilein pdm

pdm is a Python package and dependency manager supporting the latest PEP standards. It's possible to craft a malicious pdm.lock file that could allow e.g. an insider or a malicious open source project to appear to depend on a trusted PyPI project, but actually install another project. A project f...

7.8CVSS8AI score0.00512EPSS
Exploits1References5
CVE
CVE
added 2023/10/20 6:12 p.m.58 views

CVE-2023-45805

CVE-2023-45805 affects the Python tool PDM (dependency manager). A crafted pawns-style lockfile in which a project like foo is targeted with foo-2 and a file foo-2-2.tar.gz can mislead PyPI and PDM into installing a different project than what appears in pyproject.toml, potentially allowing arbit...

7.8CVSS7.7AI score0.00512EPSS
Exploits1References5Affected Software2
OSV
OSV
added 2023/10/20 6:12 p.m.37 views

CVE-2023-45805 Trojan Lockfilein pdm

pdm is a Python package and dependency manager supporting the latest PEP standards. It's possible to craft a malicious pdm.lock file that could allow e.g. an insider or a malicious open source project to appear to depend on a trusted PyPI project, but actually install another project. A project f...

7.8CVSS7.8AI score0.00512EPSS
Exploits1References7
Debian CVE
Debian CVE
added 2023/10/20 6:12 p.m.17 views

CVE-2023-45805

pdm is a Python package and dependency manager supporting the latest PEP standards. It's possible to craft a malicious pdm.lock file that could allow e.g. an insider or a malicious open source project to appear to depend on a trusted PyPI project, but actually install another project. A project f...

7.8CVSS7.7AI score0.00512EPSS
Exploits1
OSV
OSV
added 2023/09/15 12:15 a.m.5 views

CVE-2023-40955

A SQL injection vulnerability in Didotech srl Engineering & Lifecycle Management aka pdm v.14.0, v.15.0 and v.16.0 fixed in pdm-14.0.1.0.0, pdm-15.0.1.0.0, and pdm-16.0.1.0.0 allows a remote authenticated attacker to execute arbitrary code via the select parameter in models/baseclient.py componen...

8.8CVSS6.1AI score0.01075EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/09/15 12:15 a.m.5 views

CVE-2023-40955

A SQL injection vulnerability in Didotech srl Engineering & Lifecycle Management aka pdm v.14.0, v.15.0 and v.16.0 fixed in pdm-14.0.1.0.0, pdm-15.0.1.0.0, and pdm-16.0.1.0.0 allows a remote authenticated attacker to execute arbitrary code via the select parameter in models/baseclient.py componen...

8.8CVSS6.2AI score0.01075EPSS
Exploits1References2
NVD
NVD
added 2023/09/15 12:15 a.m.31 views

CVE-2023-40957

A SQL injection vulnerability in Didotech srl Engineering & Lifecycle Management aka pdm v.14.0, v.15.0 and v.16.0 fixed in pdm-14.0.1.0.0, pdm-15.0.1.0.0, and pdm-16.0.1.0.0 allows a remote authenticated attacker to execute arbitrary code via the request parameter in models/baseclient.py compone...

8.8CVSS8.7AI score0.01075EPSS
Exploits1References1
NVD
NVD
added 2023/09/15 12:15 a.m.26 views

CVE-2023-40955

A SQL injection vulnerability in Didotech srl Engineering & Lifecycle Management aka pdm v.14.0, v.15.0 and v.16.0 fixed in pdm-14.0.1.0.0, pdm-15.0.1.0.0, and pdm-16.0.1.0.0 allows a remote authenticated attacker to execute arbitrary code via the select parameter in models/baseclient.py componen...

8.8CVSS8.7AI score0.01075EPSS
Exploits1References1
Rows per page
Query Builder