Lucene search
K

13257 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/06 10:56 p.m.4 views

Malicious code in tronapisync (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2768edf78749b023b104efcbfcfedd4d2633480e8d19ee433d467e1b39d2b9ce Package is prepared to exfiltrate private keys, most probably for Tron cryptocurrency. There is no other purpose of the package --- Category: MALICIOUS - The...

7AI score
Exploits0References1
OSV
OSV
added 2025/08/06 10:56 p.m.3 views

MAL-2025-41787 Malicious code in tronapisync (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2768edf78749b023b104efcbfcfedd4d2633480e8d19ee433d467e1b39d2b9ce Package is prepared to exfiltrate private keys, most probably for Tron cryptocurrency. There is no other purpose of the package --- Category: MALICIOUS - The...

6.9AI score
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/08/06 3:40 p.m.9 views

Security Bulletin: Multiple vulnerabilities in IBM Business Automation Workflow Machine Learning Server are addressed with 24.0.0-IF006

Summary In addition to updates to operating system level packages, IBM Business Automation Workflow Machine Learning Server 24.0.0-IF006 addresses the following vulnerabilities. Vulnerability Details CVEID:CVE-2024-47081 DESCRIPTION: Requests is a HTTP library. Due to a URL parsing issue, Request...

9.1CVSS7.4AI score0.01479EPSS
Exploits5Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/06 2:30 p.m.4 views

Malicious code in httpsyncer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3e9323dbc11b949e9970ead2dcc1c5a7f05348a977591f8c86027ee220c86b62 Package is runs an Infostealer targeting telegram and Discord credentials. Depending on version, the infostealer is either downloaded from an URL or embedded i...

7.1AI score
Exploits0References1
OSV
OSV
added 2025/08/06 2:30 p.m.3 views

MAL-2025-41686 Malicious code in httpsyncer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3e9323dbc11b949e9970ead2dcc1c5a7f05348a977591f8c86027ee220c86b62 Package is runs an Infostealer targeting telegram and Discord credentials. Depending on version, the infostealer is either downloaded from an URL or embedded i...

7AI score
Exploits0References1
vulnersOsv
vulnersOsv
added 2025/08/06 12:31 p.m.5 views

3m (=0.1.0), aaa-ml-datasets-course (=1.0.0) +1759 more potentially affected by CVE-2025-5197 via transformers (>=4.0.0 <=4.52.4)

transformers PYPI version =4.0.0, =0.0.4.80, =0.1.0, =0.1.1, =0.1.0, =0.0.3, =0.0.0.dev20230804, =0.1.0, =0.3.0, =0.1.0, =0.2.5, =0.0.1, =0.1.2 and more Source cves: CVE-2025-5197 Source advisory: SNYK:PYTHON-TRANSFORMERS-11501199...

5.3CVSS6AI score0.00361EPSS
Exploits1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/06 1:1 a.m.5 views

Malicious code in num2words (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 36822c42f7e862f29cef9734efec9a9a9cc44a80e619e954dd25c12239d15767 The num2words project was compromised via a phishing attack and two new versions were uploaded to PyPI containing malicious code...

6.9AI score
Exploits0References2
OSV
OSV
added 2025/08/05 2:22 p.m.3 views

MAL-2025-41788 Malicious code in trongridapi (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b7421d70bdd0603758337ea36f6465ea98a4df7bd4c383661b11552866d0d411 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...

6.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/04 9:4 p.m.4 views

Malicious code in discordsync (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0da96b494aac7775c3c7672d4d77137cbeb6be21294b7c332a21d0bf978d364e Package is runs an Infostealer targeting telegram and Discord credentials. Depending on version, the infostealer is either downloaded from an URL or embedded i...

7.1AI score
Exploits0References1
OSV
OSV
added 2025/08/04 9:4 p.m.3 views

MAL-2025-41662 Malicious code in discordsync (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0da96b494aac7775c3c7672d4d77137cbeb6be21294b7c332a21d0bf978d364e Package is runs an Infostealer targeting telegram and Discord credentials. Depending on version, the infostealer is either downloaded from an URL or embedded i...

7AI score
Exploits0References1
OSV
OSV
added 2025/08/04 4:22 p.m.3 views

MAL-2025-41781 Malicious code in thisisthedaventestz (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d5f510bfda1aeb6999f77b06597e760e13d4058dab2a7f8620bf8c561db5d39c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/04 3:50 p.m.4 views

Malicious code in zhopaorlaaato (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 45a24b1a49c10f50578e74364357b8de8d31ee62b997c0db957bc0474c841fd7 Package is runs an Infostealer targeting telegram and Discord credentials. Depending on version, the infostealer is either downloaded from an URL or embedded i...

7.1AI score
Exploits0References1
OSV
OSV
added 2025/08/04 3:50 p.m.3 views

MAL-2025-41802 Malicious code in zhopaorlaaato (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 45a24b1a49c10f50578e74364357b8de8d31ee62b997c0db957bc0474c841fd7 Package is runs an Infostealer targeting telegram and Discord credentials. Depending on version, the infostealer is either downloaded from an URL or embedded i...

7AI score
Exploits0References1
OSV
OSV
added 2025/08/04 9:30 a.m.3 views

MAL-2025-47453 Malicious code in sisaws (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 0cc916986327ca493d55160fe841e48b756a40e030f59880874386e9e1e8a148 This package installs the SilentSync remote access trojan and allows remote code execution and data exfiltration. Windows machines are...

7AI score
Exploits0References2
OSV
OSV
added 2025/08/04 12:0 a.m.3 views

OPENSUSE-SU-2025:15409-1 python313-3.13.5-4.1 on GA media

These are all security issues fixed in the python313-3.13.5-4.1 package on the GA media of openSUSE Tumbleweed...

7.5CVSS7.1AI score0.00611EPSS
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2025/08/04 12:0 a.m.6 views

python39-3.9.23-4.1 on GA media (moderate)

python39-3.9.23-4.1 on GA media Announcement ID: openSUSE-SU-2025:15404-1 Rating: moderate Cross-References: CVE-2025-8194 CVSS scores: CVE-2025-8194 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2025-8194 SUSE : 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N...

7.1CVSS6.4AI score0.00611EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/03 10:48 p.m.4 views

Malicious code in thisisthedaventest (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c7f6701b95670bcfd620d23e4cc410957fb3cf0cc783ef0ab6d9f3ebe596ac8b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.3AI score
Exploits0References1
OSV
OSV
added 2025/08/03 10:48 p.m.3 views

MAL-2025-41780 Malicious code in thisisthedaventest (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c7f6701b95670bcfd620d23e4cc410957fb3cf0cc783ef0ab6d9f3ebe596ac8b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.2AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/03 7:47 p.m.4 views

Malicious code in totallysafe (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 772cdbb82e78ad30e8f4cb0bcdd45aaf61884da051a9998fd1c1431335d0eaf7 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.3AI score
Exploits0References1
OSV
OSV
added 2025/08/03 7:47 p.m.3 views

MAL-2025-41785 Malicious code in totallysafe (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 772cdbb82e78ad30e8f4cb0bcdd45aaf61884da051a9998fd1c1431335d0eaf7 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.2AI score
Exploits0References1
Rows per page
Query Builder