28884 matches found
Malicious code in sedna-jest-init-delphinus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 25e29146ae9ff359dd96b1cd1b095636278686695d62974a2d5867e6a74edcff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in sigma-try-deserialize-slow-omega (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector aa134277639263f6619b38cf6bbfcabf6eb3a6b0fcf40df08f3f58df3e53a0ff This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-188092 Malicious code in mock-parse-earth-export-hot (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f34794b0828e1a200e5572cca5b219a30310bc6f4495e2634c3ddd92840c50ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186661 Malicious code in dysonswarm-lacerta-unuk-dynamo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f1d4ff271822892355055959d5575c07ac632f3836ddd6d8337d4c9f6915e83b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in webdriverio-rate-limiter-wormhole-version (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 546a55ebdbc1b18fed5bbad6be8b757cfe2c4fa0d1f046a9d5deff7b296f6332 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-187607 Malicious code in jest-astro-despina-aurora (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 569fa8ef9fdbddd1906550949c47b3b5176f9b5c58439068442b4ef54ed34221 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186144 Malicious code in child-process-eridanus-cypress-zephyr (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2052a0a86d5712791f1bcaf79b700a6a9e92e85eece452bd875120b46a08accc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
SUSE CVE-2025-40123
In the Linux kernel, the following vulnerability has been resolved: bpf: Enforce expectedattachtype for tailcall compatibility Yinhao et al. recently reported: Our fuzzer tool discovered an uninitialized pointer issue in the bpfprogtestrunxdp function within the Linux kernel's BPF subsystem. This...
Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2023-6246)
A heap-based buffer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name the basename of...
CVE-2025-60701
The CVE-2025-60701 issue affects the D-Link DIR-882 router, specifically firmware DIR882A1_FW102B02. The vulnerability stems from the prog.cgi function sub_433188 and the rc binary’s sub_448FDC, where user-supplied EmailFrom, EmailTo, SMTPServerAddress, SMTPServerPort, and AccountName are stored ...
Siemens SIMATIC S7-1500 Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2017-9048)
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a stack-based buffer overflow. The function xmlSnprintfElementContent in valid.c is supposed to recursively dump the element content definition into a char buffer 'buf' of size 'size'. At the end of the routine, the function may strcat two more...
Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2017-9050)
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to crash. This vulnerability exists because of an incomplete fix for CVE-2016-1839. This plugin only wor...
MAL-2025-181827 Malicious code in avangs-olioms-nolibamayi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac4a5e1cc8e53f27b4ee50de4c015afe45193fc5a85b89d56957b4b15eb81322 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-185234 Malicious code in soniec-kat-favr (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af7858c82682c285822b8bd8fea2bc14400481b3d649ff1853cbc2ed6d31befe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-184315 Malicious code in modiov-kifni-ufavcseqinuban (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 113e9ae876b6b3534e3d1de5440858be0fc9df83736c9088ff35defa30f66060 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-185118 Malicious code in sonic-kuig-tnaeav (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5383e188e2740f1260f965dfba10c05fdceafaf7e1243aa2a77f0fcd33ff7eae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-183151 Malicious code in item-atim-kujaubi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a515105704b364390c847f65133cacfa3f2bcf38b7bf048deb2b0932d07ad753 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-183272 Malicious code in kisut-diug-damifoa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4301501dff2d7b2c475494d391970a0a11802f200ac2462b371cd44e056ff18b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-183525 Malicious code in loibac-ubg-tuaga (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3bc2eb1b68aad30fa87532be6e8c04c165d50feac5b23ec40ba305320e68f020 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in imugay-avig-ijimamfaatugf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1220a8a7c027ad0cd4c14a1b330e82a51c106fd14f7a69964bd22c8839e72326 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...