9169 matches found
ROOT-APP-PYPI-CVE-2024-5569 CVE-2024-5569 in rootio-zipp - Patched by Root
Root has patched CVE-2024-5569 in the rootio-zipp package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2022-40897 CVE-2022-40897 in rootio-setuptools - Patched by Root
Root has patched CVE-2022-40897 in the rootio-setuptools package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-69277 CVE-2025-69277 in rootio-PyNaCl - Patched by Root
Root has patched CVE-2025-69277 in the rootio-PyNaCl package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2026-31958 CVE-2026-31958 in rootio-tornado - Patched by Root
Root has patched CVE-2026-31958 in the rootio-tornado package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2026-28684 CVE-2026-28684 in rootio-python-dotenv - Patched by Root
Root has patched CVE-2026-28684 in the rootio-python-dotenv package for Root:PyPI. Multiple fixed versions available...
Malicious code in tronlabpy3 (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 71fd394fee5be8e6fe09e8fff0c645dfc2bd164506a85c077d76642c9ec86ba6 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
Malicious code in fia-signals (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 b61c6fe7ba81fd99de703bc1c00e0a93b2809363abfbf12b79fd9905830f2b54 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
ROOT-APP-PYPI-GHSA-747P-WMPV-9C78 GHSA-747p-wmpv-9c78 in rootio-awscli - Patched by Root
Root has patched GHSA-747p-wmpv-9c78 in the rootio-awscli package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2023-34110 CVE-2023-34110 in rootio-Flask-AppBuilder - Patched by Root
Root has patched CVE-2023-34110 in the rootio-Flask-AppBuilder package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-27516 CVE-2025-27516 in rootio-Jinja2 - Patched by Root
Root has patched CVE-2025-27516 in the rootio-Jinja2 package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2024-56201 CVE-2024-56201 in rootio-Jinja2 - Patched by Root
Root has patched CVE-2024-56201 in the rootio-Jinja2 package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2024-34064 CVE-2024-34064 in rootio-Jinja2 - Patched by Root
Root has patched CVE-2024-34064 in the rootio-Jinja2 package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-57804 CVE-2025-57804 in rootio-h2 - Patched by Root
Root has patched CVE-2025-57804 in the rootio-h2 package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-69196 CVE-2025-69196 in rootio-fastmcp - Patched by Root
Root has patched CVE-2025-69196 in the rootio-fastmcp package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2023-25691 CVE-2023-25691 in rootio-apache-airflow-providers-google - Patched by Root
Root has patched CVE-2023-25691 in the rootio-apache-airflow-providers-google package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2023-22884 CVE-2023-22884 in rootio-apache-airflow-providers-mysql - Patched by Root
Root has patched CVE-2023-22884 in the rootio-apache-airflow-providers-mysql package for Root:PyPI. Multiple fixed versions available...
MAL-2026-5151 Malicious code in parsimonius (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a5ab85a46a37da928774b1885049b71d40d675c54683b13711f4e371d932394a Clone of a legitimate package with an added RAT running through a Telegram bot. It can e.g. exfiltrate env variables and execute remote commands. The malicious...
EUVD-2024-54943
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Akinsoft OctoCloud allows Cross-Site Scripting XSS. This issue affects OctoCloud: from s1.09.01 before v1.11.01...
EUVD-2024-54942
Origin Validation Error vulnerability in Akinsoft OctoCloud allows HTTP Response Splitting, CAPEC - 87 - Forceful Browsing. This issue affects OctoCloud: from s1.09.01 before v1.11.01...
Malicious code in discord-massban (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 1b535ff4283b14cd5d93b2e31a997d1c8abd7424e2aa48a993c19e5e7f6b2b3b Package steals data from web browsers credentials, credit cards, history, ... --- Category: MALICIOUS - The campaign has clearly malicious intent, like...