MAL-2025-48242 Malicious code in chai-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 975b6ac20ebe483ebacc5aac930cd8efb123c6f3e9c68d18bf72c0e42c1787ba Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-46980 Malicious code in strip-ansi (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3736bb5cc515b07f47ad6b5bb06c367271994c4b6606f1ddeb91a056788c34c2 Any computer that has this package installed or running should be considered fully compromised. All...

Malicious code in ethrereum-js-tx (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bcdc76532c3b912681eb183f0654c2ef268dd8926cd3ee20b3265c930ed09865 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Reliance on unknown governorCheckProposalId is a potential backdoor and risks loss of critical function control

Lines of code Vulnerability details Impact The GuardCM contract is designed to restrict the actions of the Community Multisig CM. However, a potential backdoor could allow the CM to bypass these restrictions and gain unrestricted access. The issue arises from the reliance on a specific proposal I...

CVE-2022-41385

The d8s-html package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0...

CVE-2022-41386

The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0...

Code injection

The d8s-utility for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...

Code injection

The d8s-html for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...

Code injection

The d8s-mpeg for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...

SAP ABAP BASIS 7.4 Hard-Coded Password

Application: SAP DBAP BASIS Versions Affected: SAP DBAP BASIS 7.4 Vendor URL: http://SAP.com Bugs: Hardcoded credentials Sent: 01.02.2016 Reported: 02.02.2016 Vendor response: 02.02.2016 Date of Public Advisory: 10.05.2016 Reference: SAP Security Note 2292487 Author: Vahagn Vardanyan ERPScan...

Advantech Patches WebAccess Remote Code Execution Flaws

Advantech has published a new version of its WebAccess product to address vulnerabilities that put installations at risk to remote code execution attacks. Exploiting the vulnerabilities would be a challenge, however, according to an advisory published Tuesday by the Industrial Control Systems Cyb...