
58389 matches found

OSV
added 2025/12/09 6:38 p.m. 15 views

MAL-2025-192393 Malicious code in ctosec-appsec-wb-xray-adapter (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 33176e85f6e5dce44273ddbf5be45cf64ddd36db281b50a5868851a32fb19d0c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

7.2 AI score
Exploits 0, References 1
EUVD
added 2025/12/09 6:38 p.m. 4 views

EUVD-2025-202303

Malicious code in ctosec-appsec-wb-xray-adapter PyPI...

6.6 AI score
Exploits 0, References 1
EUVD
added 2025/12/09 6:32 p.m. 3 views

EUVD-2025-202304

Malicious code in ajenti-plugin-testing-pyld PyPI...

6.6 AI score
Exploits 0, References 1
OSSF Malicious Packages
added 2025/12/09 6:32 p.m. 6 views

Malicious code in ajenti-plugin-testing-pyld (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8f75e248c6b93183d9fb3295781e0ffda38ca1afa25cefb866205312f2a78cfd Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...

7.5 AI score
Exploits 0, References 1
EUVD
added 2025/12/09 6:30 p.m. 4 views

EUVD-2025-201881

A vulnerability exists in the SecOps SOAR server. The custom integrations feature allowed an authenticated user with an "IDE role" to achieve Remote Code Execution (RCE) in the server. The flaw stemmed from weak validation of uploaded Python package code. An attacker could upload a package containi...

8.6 CVSS, 6.9 AI score, 0.00287 EPSS
Exploits 0, References 2
OSV
added 2025/12/09 5:22 p.m. 4 views

SUSE-SU-2025:21207-1 Security update for python311

This update for python311 fixes the following issues: Update to 3.11.14: - CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory (EOCD) is not checked by the 'zipfile' module (bsc1251305). - CVE-2025-6075: Fixed the value passed to os.path.expandvars is user-controlled a performance...

5.5 CVSS, 5.8 AI score, 0.00345 EPSS
Exploits 0, References 5
OSV
added 2025/12/09 4:32 p.m. 5 views

MAL-2025-192391 Malicious code in bignum (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 251c8009e3a70f8c3a3a8283dc7f2b603838ec892d7773f0b4886122ff0d97c5 In this incarnation, the package is no longer a clone of networkx, but continues to use the same technique to run secretly remote code and cover tracks ---...

7.5 AI score
Exploits 0, References 2
OSSF Malicious Packages
added 2025/12/09 4:32 p.m. 7 views

Malicious code in bignum (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 251c8009e3a70f8c3a3a8283dc7f2b603838ec892d7773f0b4886122ff0d97c5 In this incarnation, the package is no longer a clone of networkx, but continues to use the same technique to run secretly remote code and cover tracks ---...

7.7 AI score
Exploits 0, References 2
EUVD
added 2025/12/09 4:32 p.m. 3 views

EUVD-2025-202181

Malicious code in bignum PyPI...

6.6 AI score
Exploits 0, References 1
NVD
added 2025/12/09 4:17 p.m. 9 views

CVE-2025-13428

A vulnerability exists in the SecOps SOAR server. The custom integrations feature allowed an authenticated user with an "IDE role" to achieve Remote Code Execution (RCE) in the server. The flaw stemmed from weak validation of uploaded Python package code. An attacker could upload a package containi...

8.6 CVSS, 0.00287 EPSS
Exploits 0, References 1
vulnersOsv
added 2025/12/09 2:25 p.m. 4 views

acherion (>=0.2.0 <=0.9.2), aesp (=2025.9.12) +206 more potentially affected by CVE-2025-66645 via nicegui (>=3.0.4 <=3.3.1)

nicegui PYPI version =3.0.4, =0.2.0, =1.0.0, =0.4.0, =0.1.0, =0.2.0, =0.3.0, =0.0.0, =0.4.14, =1.0.0, =1.1.3 - autestoy =0.1.0 - auth-web-kit =1.2.2 - bellatrex =0.4.0 and more Source cves: CVE-2025-66645 Source advisory: SNYK:PYTHON-NICEGUI-14236612...

7.5 CVSS, 5.7 AI score, 0.00963 EPSS
Exploits 1
GithubExploit
added 2025/12/09 1:59 p.m. 147 views

SqlScanner

SqlScanner SQL Injection Scanner deve...

7.2 AI score
Exploits 0
OSV
added 2025/12/09 1:43 p.m. 3 views

OPENSUSE-SU-2025:20153-1 Security update for python-Django

This update for python-Django fixes the following issues: - CVE-2025-64459: Fixed a potential SQL injection via connector keyword argument in QuerySet and Q objects bsc1252926 - CVE-2025-13372,CVE-2025-64460: Fixed Denial of Service in 'django.core.serializers.xmlserializer.getInnerText' bsc12544...

9.1 CVSS, 5.9 AI score, 0.1914 EPSS
Exploits 10, References 5
OSV
added 2025/12/09 1:36 p.m. 5 views

CLSA-2025-1765287413 python-jinja2: Fix of CVE-2024-56326

CVE-2024-56326: fix format string vulnerability impacting users of applications which execute untrusted template...

7.8 CVSS, 7 AI score, 0.005 EPSS
Exploits 0, References 1
EUVD
added 2025/12/09 9:25 a.m. 3 views

EUVD-2025-201914

Malicious code in do-not-install-this-package-001 PyPI...

6.6 AI score
Exploits 0, References 1
EUVD
added 2025/12/09 8:5 a.m. 4 views

EUVD-2025-201907

Malicious code in telcoo PyPI...

6.6 AI score
Exploits 0, References 1
OSSF Malicious Packages
added 2025/12/09 8:5 a.m. 6 views

Malicious code in telcoo (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c96937a82adce2ecc6628245fd858587131511b4145c04f577ec25d8fa846577 Running the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-12-evil-rce...

7.6 AI score
Exploits 0, References 1
EUVD
added 2025/12/09 8:1 a.m. 4 views

EUVD-2025-201908

Malicious code in graphsync PyPI...

6.6 AI score
Exploits 0, References 1
OSV
added 2025/12/09 7:37 a.m. 3 views

SUSE-SU-2025:21199-1 Security update for python311

This update for python311 fixes the following issues: Update to 3.11.14: - CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory (EOCD) is not checked by the 'zipfile' module (bsc1251305). - CVE-2025-6075: Fixed the value passed to os.path.expandvars is user-controlled a performance...

5.5 CVSS, 7.1 AI score, 0.00345 EPSS
Exploits 0, References 5
EUVD
added 2025/12/09 6:49 a.m. 4 views

EUVD-2025-201887

Malicious code in raft-dask PyPI...

6.6 AI score
Exploits 0, References 1