Lucene search
K

9 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/12/27 9:41 a.m.8 views

Malicious code in extrazip (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 f58777710463b043a0724ad1d7999807501b56667a10eced314fd036e9303fdf During initialization of the archive-support class, the package starts code from another file and downloads multi-stage malware --- Category: MALICIOUS - The...

7.3AI score
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 11:44 p.m.9 views

CVE-2022-42038

The d8s-ip-addresses package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0...

9.8CVSS6.9AI score0.01168EPSS
Exploits1References1
OSV
OSV
added 2023/02/11 11:57 a.m.10 views

MAL-2023-2147 Malicious code in reequests-toolbelt (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 4d67c2605086238989409582ef2f1e581d997002a73efbd49be89b6d88bc8825 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

6.9AI score
Exploits0References1
OSV
OSV
added 2023/02/11 11:27 a.m.7 views

MAL-2023-1673 Malicious code in cclick (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx cf2cf8681fdee6e583798ee2260d2dc71c85de9ca143e8de66530a6c98f14f4d Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

6.9AI score
Exploits0References1
OSV
OSV
added 2023/02/09 6:42 p.m.9 views

MAL-2023-1831 Malicious code in ffreqtrade (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx bf7a4b9e4df05f2afe50991d0b64e59312ddc06d1d8af631cedcbb4a0ed0d991 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

6.9AI score
Exploits0References1
PyPA
PyPA
added 2022/10/11 10:15 p.m.5 views

PYSEC-2022-43040

The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0...

9.8CVSS7AI score0.01168EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/09/19 4:15 p.m.2 views

CVE-2022-40426

The d8s-asns for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...

9.8CVSS7.4AI score0.01033EPSS
Exploits1References3
NVD
NVD
added 2022/09/19 4:15 p.m.16 views

CVE-2022-38887

The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The democritus-strings package. The affected version is 0.1.0...

9.8CVSS0.01238EPSS
Exploits1References3
Prion
Prion
added 2022/09/19 4:15 p.m.13 views

Code injection

The d8s-pdfs for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0...

7.5CVSS9.4AI score0.01033EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder