CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13252 matches found

OSV•added 2025/10/23 7:16 p.m.•2 views

MAL-2025-48893 Malicious code in image2hex (PyPI)

--- -= Per source details. Do not edit below this line.=-...

7AI score

Exploits0

OSSF Malicious Packages•added 2025/10/23 10:43 a.m.•3 views

Malicious code in aiohttp-ssl (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 212da09ca68167bc40e86f1c838fe5aeb5a6656da5ecbbdb5d17df01b2c262d8 Packages silently decrypt content hidden in a dependency and load them as Python extension modules. In the first wave, those are copies of legitimate aiohttp a...

7AI score

Exploits0References3

OSV•added 2025/10/23 10:43 a.m.•1 views

MAL-2025-191618 Malicious code in aiohttp-ssl (PyPI)

6.8AI score

Exploits0References3

OSSF Malicious Packages•added 2025/10/22 5:9 p.m.•3 views

Malicious code in smart-scheduler (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2792dcc5f5baaa05e1da756d9e57efedf800477f8b30e3c0b096d0baa17f59c9 Package downloads and starts a malicious executable and hides its existence --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

7.3AI score

Exploits0References1

OSV•added 2025/10/22 5:9 p.m.•1 views

MAL-2025-191661 Malicious code in smart-scheduler (PyPI)

7.2AI score

Exploits0References1

OSV•added 2025/10/22 4:22 p.m.•4 views

MAL-2025-191657 Malicious code in requests-os (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c944343070e83d2eab122e862b5c7349722ee7ceae5ae21e428926480681d24f Package contains capabilities for remote control of the user's computer and exfiltrating data --- Category: MALICIOUS - The campaign has clearly malicious...

7AI score

Exploits0References1

OSSF Malicious Packages•added 2025/10/22 12:45 p.m.•4 views

Malicious code in lbank-connector-pythons (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8e2d03134723d75ab2f0b36c6acad54fa5d16b4ba0f04bf2705e188fd19626b9 This is a copy of a legit package with added basic exfiltration in the setup.py --- Category: PROBABLYPENTEST - Packages looking like typical pentest packages,...

7.5AI score

Exploits0References1

OSV•added 2025/10/22 12:45 p.m.•1 views

MAL-2025-191644 Malicious code in lbank-connector-pythons (PyPI)

7.3AI score

Exploits0References1

OSV•added 2025/10/22 12:41 p.m.•1 views

MAL-2025-191619 Malicious code in asynhttp (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 058c3bab076ccb770a3ecaefbdb301df88bd935a79f154cdeb329c51c4a1eef5 Packages silently decrypt content hidden in a dependency and load them as Python extension modules. In the first wave, those are copies of legitimate aiohttp a...

6.8AI score

Exploits0References3

OSSF Malicious Packages•added 2025/10/22 12:41 p.m.•3 views

Malicious code in asynhttp (PyPI)

7AI score

Exploits0References3

OSSF Malicious Packages•added 2025/10/22 12:26 p.m.•3 views

Malicious code in libtasnl (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0da2df30cd680f292df7b195f51829e4afc94604336223d58b0bfca92714d9fc Generic campaign for all likely research / pentests, where the amount or art of collected data raises questions about the privacy, security and ethical side. -...

7.5AI score

Exploits0References1

OSV•added 2025/10/22 12:26 p.m.•2 views

MAL-2025-191645 Malicious code in libtasnl (PyPI)

7.4AI score

Exploits0References1

OSSF Malicious Packages•added 2025/10/21 4:26 p.m.•3 views

Malicious code in installyoura (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ce9e3e9d41cbe7a819ee558b5d69ee8b77d3cbfbf54a5d8167500266dfdca903 Package download and runs widely recognized malware --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...

7.1AI score

Exploits0References2

OSV•added 2025/10/21 4:26 p.m.•2 views

MAL-2025-191641 Malicious code in installyoura (PyPI)

7AI score

Exploits0References2

EUVD•added 2025/10/21 3:30 p.m.•3 views

EUVD-2025-26370

A vulnerability was determined in Tenda F1202 1.2.0.9/1.2.0.14/1.2.0.20. Impacted is an unknown function of the file /etcro/shadow of the component Administrative Interface. This manipulation with the input Fireitup causes hard-coded credentials. The attack can only be executed locally. A high...

6.4CVSS3.5AI score0.00145EPSS

Exploits0References7

OSSF Malicious Packages•added 2025/10/20 11:58 a.m.•4 views

Malicious code in yelp-pkg (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fdea5ca17bb09234a292159e525a2a38ac3fd43760c6f2184aa27f563f320075 During import, the package attempts to exfiltrate potentially sensitive data. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

7.5AI score

Exploits0References1

OSV•added 2025/10/20 11:58 a.m.•3 views

MAL-2025-191666 Malicious code in yelp-pkg (PyPI)

7.4AI score

Exploits0References1

OpenVAS•added 2025/10/20 12:0 a.m.•5 views

Fedora: Security Advisory (FEDORA-2025-bcb7f16d26)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.00586EPSS

Exploits0References5

OSV•added 2025/10/19 5:2 p.m.•4 views

MAL-2025-191638 Malicious code in huzzleuo130 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 85df7f2dfe2955a251c0e1858049dab9b978d9812a067235cb04c6ffb25131fc Packages that either reports home installation, simulate malicious activity or imitate Roblox API wrapper. --- Category: PROBABLYPENTEST - Packages looking lik...

7.4AI score

Exploits0References1

OSSF Malicious Packages•added 2025/10/19 5:2 p.m.•4 views

Malicious code in huzzleuo130 (PyPI)

7.5AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by