Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/01/17 11:26 p.m.6 views

CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS6.8AI score0.00135EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/01/16 10:46 p.m.4 views

CVE-2026-22865

Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. When resolving dependencies in versions before 9.3.0, some exceptions were not treated as fatal errors and would not cause a repository to be disabled. If a build encountered one of these...

8.6CVSS5.4AI score0.00135EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 4:47 p.m.4 views

Malicious code in manurung-poke41 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 03631a0547e4cc127b5f4ca9eba0ba30948044ad7ee954580a124958fa52c64b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/11 12:17 a.m.2 views

MAL-2025-66130 Malicious code in weekly_newt_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62734cd7f179833b9bcaeb8246aa165b31e6f97e3ebb099ab2b595c1cd82c8f0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/10 4:5 a.m.4 views

MAL-2025-50639 Malicious code in vera-peyek48-miaww (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6073fc534b9a7e2b4290fa0d2034adaff35af8c0318c03f6123f1ca7394143c The package vera-peyek48-miaww was found to contain malicious code. This package appears to be part of the tea.xyz token reward campaign that flooded...

6.9AI score
Exploits0
OSV
OSV
added 2025/01/03 3:49 p.m.7 views

CVE-2024-56322 GoCD vulnerable to XXE injection via abuse of unused XML configuration repository functionality

GoCD is a continuous deliver server. GoCD versions 16.7.0 through 24.4.0 inclusive can allow GoCD admins to abuse a hidden/unused configuration repository pipelines as code feature to allow XML External Entity XXE injection on the GoCD Server which will be executed when GoCD periodically scans...

2.1CVSS7.4AI score0.00689EPSS
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/02/27 2:45 a.m.6 views

Malicious code in esqtoolgetnvidia (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx d451db70e96e1d6ce85d078d7967191efc4b78f0fde99b1157b3f34945b20b0e EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/02/10 12:54 p.m.8 views

Malicious code in seleniium (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 57e23d7e61ff9ad57b53c8eaf276c5d14a226d7673cf17c6bf438a42d835ae88 Attacker distributed 900+ malicious packages via PyPi, infecting local browsers with malicious extension to manipulate clipboard and replace crypto wallet...

6.7AI score
Exploits0References1
Rows per page
Query Builder