28993 matches found
Malicious code in severe_wolverine_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4773c001d51290d00f24ce76230c69045df7bc55614acaf93118009c23c86c7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in established_camel_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bcd343e48816a5ec3dc34c83f235c51fe05775d12b5ae3e7b20753fb1aa34879 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in rina-mieayam9-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fbb5a2b47c3001b6dcb5cf5c7e8665669e6885eeb3fec2eb9d9e79237460cff7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in lisa-lutis61-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95b600783572e01988b4abea4f463d98ff6043daf4526ce69320070e86b2d4e6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-116472 Malicious code in protective_dinosaur_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4573148e90fcf944656c0647b9bdc00624205f190027d3bd1dafcbfcc50e91c8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-112967 Malicious code in candra-lapis90-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2ccc71e24d55fca4fb0825df0c5602211eaf00f261457556a30d64114350bae0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in patria-nasisayur10-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 24fd4f1fd2472b944dd896f6aee66789600a3949b745bc25dd9498ab0b3a1ea1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in cici-asinan65-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7031c8d265acf8114652cd7b8f0020b68375200bf6f5514e4c498124a3ba5625 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in tomi-wajit80-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de8da48d6ae4ccd941c6a95bda54c722448cf5a4afac6f7e6b762f76fde5cf1e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in bella-ubi90-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25c59f6189d5a371e50daf448c75f08c5c085f9727a6910c60f2b21790f4693b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in familiar_bison_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c41b98204f1e842b8593a670479b85a9f1068bdf2854197be8407de563bd45a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-113033 Malicious code in cici-lupis97-miaww (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1d24a318d6777aab6920f7249d9588ebf4a78b80131b31eb8ac120e55e05327b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
CVE-2025-9223
ZOHO ManageEngine Applications Manager, affected through CVE-2025-9223, versions 178100 and below, is vulnerable to an authenticated command injection due to misconfiguration in the Execute Program/execute program action feature. The vulnerability allows total command execution with HIGH impact (...
CVE-2025-9223 Command Injection
Zohocorp ManageEngine Applications Manager versions 178100 and below are vulnerable to authenticated command injection vulnerability due to the improper configuration in the execute program action feature...
kernel: bpf: put bpf_link's program when link is safe to be deallocated
No description is available for this CVE...
kernel: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF via mismatching bpfprog/attachment RCU flavors Uprobes always use bpfprogrunarrayuprobe under tasks-trace-RCU protection. But it is possible to attach a non-sleepable BPF program to a uprobe, and non-sleepable BPF...
kernel: bonding: check xdp prog when set bond mode
In the Linux kernel, the following vulnerability has been resolved: bonding: check xdp prog when set bond mode Following operations can trigger a warning1: ip netns add ns1 ip netns exec ns1 ip link add bond0 type bond mode balance-rr ip netns exec ns1 ip link set dev bond0 xdp obj afxdpkern.o se...
kernel: bpf: Fix UAF via mismatching bpf_prog/attachment RCU flavors
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF via mismatching bpfprog/attachment RCU flavors Uprobes always use bpfprogrunarrayuprobe under tasks-trace-RCU protection. But it is possible to attach a non-sleepable BPF program to a uprobe, and non-sleepable BPF...
Customer Experience Improvement Program (CEIP) Elevation of Privilege Vulnerability
Improper access control in Customer Experience Improvement Program CEIP allows an authorized attacker to elevate privileges locally...
Malicious code in dutch_meerkat_amber-65 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90488e88f739b4039254d196e32e421d886cab3a6ba3653257880cf78da5416f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...