MAL-2026-4814 Malicious code in vectordb-engine (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 42695503b90ec4adc30c038c3321d637f05038f841bcc5f463a16b891fe4e3e0 During pip install, a custom buildext step in src/vectordbenginebuild.py runs an obfuscated payload that performs targeted reconnaissance and...

MAL-2026-4809 Malicious code in baidubsrc (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e303b294e3a8f77fdfa91935af2cd5828572f5ab5ec2f0e0b34a0136e33d70dd setup.py executes os.system"curl xiangyangt.com/pypi" unconditionally during pip install. This is an unauthenticated plaintext HTTP request to a...

Malicious code in always-updates (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dee16a964c16035579f7be2f965a801f87876080603f389e1e75ec3073bd5c2c The package's sole advertised CLI aupd, registered as a consolescripts entry point to alwaysupdates.main:main executes...

EUVD-2021-0198

Malware in sbrugna...

kconfig-safety-check

This is a tool for checking the security hardening options of the Linux kernel. It is a Python script that can be used to analyze the configuration of a Linux kernel and identify potential security vulnerabilities. The tool is designed to support various architectures, including X8664, X8632,...

CVE-2025-32800 Conda-build vulnerable to supply chain attack vector due to pyproject.toml referring to dependencies not present in PyPI

Conda-build contains commands and tools to build conda packages. Prior to version 25.3.0, the pyproject.toml lists conda-index as a Python dependency. This package is not published in PyPI. An attacker could claim this namespace and upload arbitrary malicious code to the package, and then exploit...

CVE-2025-32800 Conda-build vulnerable to supply chain attack vector due to pyproject.toml referring to dependencies not present in PyPI

Conda-build contains commands and tools to build conda packages. Prior to version 25.3.0, the pyproject.toml lists conda-index as a Python dependency. This package is not published in PyPI. An attacker could claim this namespace and upload arbitrary malicious code to the package, and then exploit...

Arbitrary Code Execution

Overview Affected versions of this package are vulnerable to Arbitrary Code Execution by implanting a malicious wheel file in pip's installation directory, which will replace the module being installed and get executed during installation. Note: The specific vulnerable behavior arises because...

MinIO < 2024-01-31T20-20-33Z - Privilege Escalation Exploit

Exploit Title: MinIO 2024-01-31T20-20-33Z - Privilege Escalation Exploit Author: Jenson Zhao Vendor Homepage: https://min.io/ Software Link: https://github.com/minio/minio/ Version: Up to excluding RELEASE.2024-01-31T20-20-33Z Tested on: Windows 10 CVE : CVE-2024-24747 Required before execution:...

Exploit for CVE-2023-47400

CVE-2023-47400 Proof of Concept for the CVE-2023-47400 Aut...

Antisquat - Leverages AI Techniques Such As NLP, ChatGPT And More To Empower Detection Of Typosquatting And Phishing Domains

AntiSquat leverages AI techniques such as natural language processing NLP, large language models ChatGPT and more to empower detection of typosquatting and phishing domains. How to use Clone the project via git clone https://github.com/redhuntlabs/antisquat. Install all dependencies by typing pip...

UBUNTU-CVE-2023-5752

When installing a package from a Mercurial VCS URL ie "pip install hg+..." with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call ie "--config". Controlling the Mercurial configuration can modify how and which...

CVE-2023-5752 Mercurial configuration injectable in repo revision when installing via pip

When installing a package from a Mercurial VCS URL ie "pip install hg+..." with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call ie "--config". Controlling the Mercurial configuration can modify how and which...

Winevt_Logs_Analysis - Searching .Evtx Logs For Remote Connections

Simple script for the purpose of finding remote connections to Windows machine and ideally some public IPs. It checks for some EventIDs regarding remote logins and sessions. You should pip install -r requirements.txt so the script can work and parse some of the .evtx files inside winevt folder. T...

Warning: PyPI Feature Executes Code Automatically After Python Package Download

In another finding that could expose developers to increased risk of a supply chain attack, it has emerged that nearly one-third of the packages in PyPI, the Python Package Index, trigger automatic code execution upon downloading them. "A worrying feature in pip/PyPI allows code to automatically...

Code Injection in prayag2/konsave

✍️ Description konsave is a CLI program that will let you save and apply your KDE Plasma customizations with just one command , which is vulnerable to YAML deserialization attack caused by unsafe loading leads to Arbitary Code Execution. 🕵️‍♂️ Proof of Concept Installation bash pip install konsave...

Information disclosure

Products.GenericSetup is a mini-framework for expressing the configured state of a Zope Site as a set of filesystem artifacts. In Products.GenericSetup before version 2.1.1 there is an information disclosure vulnerability - anonymous visitors may view log and snapshot files generated by the Gener...

CVE-2021-21360 Exposure of Sensitive Information to an Unauthorized Actor in Products.GenericSetup

Products.GenericSetup is a mini-framework for expressing the configured state of a Zope Site as a set of filesystem artifacts. In Products.GenericSetup before version 2.1.1 there is an information disclosure vulnerability - anonymous visitors may view log and snapshot files generated by the Gener...

PYSEC-2021-45

Products.PluggableAuthService is a pluggable Zope authentication and authorization framework. In Products.PluggableAuthService before version 2.6.0 there is an open redirect vulnerability. A maliciously crafted link to the login form and login functionality could redirect the browser to a differe...

Exploit for CVE-2020-11651

PoC exploit for CVE-2020-11651 and CVE-2020-11652, two vulnerabi...