3232 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
IBM Concert Information Disclosure Vulnerability
IBM Concert is a generative artificial intelligence-driven automated application management and monitoring tool based on the watsonx platform released in May 2024 by IBM. IBM Concert suffers from an information disclosure vulnerability that stems from uncontrolled recursive directory replication,...
IBM Concert 安全漏洞
IBM Concert is a generative artificial intelligence-driven automated application management and monitoring tool based on the watsonx platform released in May 2024 by IBM. IBM Concert suffers from an information disclosure vulnerability that stems from uncontrolled recursive directory replication,...
Rallly 安全漏洞
Rallly is a scheduling and collaboration tool from Luke Vella Individual Developer designed to make it easier to organize events and meetings. A security vulnerability exists in Rallly versions prior to 4.5.4 that stems from the presence of an insecure direct object reference in the vote...
MAL-2025-189820 Malicious code in tau-mu-good-beta-kappa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ffc911728d84781a700b5b9e706f5e42e1d50b3a29e8c8141b254da2aa124f4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in luna-cordelia-blackhole-lithosphere (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6f4671bed4986784ce341d0ba6709ba439dfb5c96942dd8001c1ab0c963fb1d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-184456 Malicious code in modiov-kin-afudsaczubfa (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fd48b0d2620a33f49c71f7e692a7bfd04f314116ceb2461c5f9f5acae9a515f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in teate-thy-sonic-nejnaz (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e408a852eff89e5c3d287c0bacccc7825cd4b1e30aabc445a4c60d44c679087a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in polymer-afa-ratoafavadaf (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9fc4c48caf099951306f163926f2e18a1fc0c85f42e7330e65802a78584ebc70 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-178239 Malicious code in rindaman-poke73 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60547edb86c0f57484b7fd146562d45d1046645cc15461b4aabfa418623a8786 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in anidata-hopanud-mafi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 76c60f892bd912ac7f93b3631109eca5ecf685e088b4a511ce2ef09cf047eb84 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in alexandermartin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 385eb2955cf96e2f3a5a27796c5ab941f038cb9d56b0d77b31045319e243e176 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-170849 Malicious code in amjadkarem (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector caec16d50f9c5183f58a490a7b507d83f638bd582edba58b672073513d94e32b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-171700 Malicious code in orlabyrne (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e38373b2545c631b5d979b044762b060e20b5351bc1ad9c0d91d6844c188420b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in upilka-luzi-ilmu (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b1b6ffa6fe7cd14b9f6af57d167725dfe1bc1418c52eb62cf4333bd154404ac9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...