MAL-2026-996 Malicious code in rubocop-vintedmetrics (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c8e90dd88f71e05719940997342cf6a367387fc68045f091a864d8f8e7e62be8 The OpenSSF Package Analysis project identified 'rubocop-vintedmetrics' @ 9.9.12 rubygems as malicious. It is considered malicious because: - Th...
Malicious code in rubocop-vintedmetrics (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c8e90dd88f71e05719940997342cf6a367387fc68045f091a864d8f8e7e62be8 The OpenSSF Package Analysis project identified 'rubocop-vintedmetrics' @ 9.9.12 rubygems as malicious. It is considered malicious because: - Th...
MAL-2025-192921 Malicious code in stripe-rubocop (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in stripe-rubocop (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
EUVD-2017-0354
Malware in sbrugna...
Malicious code in rubocop-sorbet (npm)
The package rubocop-sorbet was found to contain malicious code...
MAL-2025-32530 Malicious code in rubocop-sorbet (npm)
The package rubocop-sorbet was found to contain malicious code...
Malicious code in rubocop-shopify (npm)
The package rubocop-shopify was found to contain malicious code...
MAL-2025-32529 Malicious code in rubocop-shopify (npm)
The package rubocop-shopify was found to contain malicious code...
CVE-2017-8418
RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users...
SUSE CVE-2017-8418
RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users...
Metasploit Weekly Wrap-Up
I'm sure you know what's coming, more Log4Shell. For those wondering when the Log4Shell remediation nightmare will end, I'm afraid I can't give you that. What I can give you, though, is a new Log4Shell module! With the new module from zeroSteiner you can expect to get unauthenticated RCE on the...
PackageDNA - Tool To Analyze Software Packages Of Different Programming Languages That Are Being Or Will Be Used In Their Codes
This tool gives developers, researchers and companies the ability to analyze software packages of different programming languages that are being or will be used in their code, providing information that allows them to know in advance if this library complies with secure development processes, i...
metasploit-framework
This is an exploit module for the Metasploit Framework, a penetration testing tool. The module is designed to target a vulnerability in a specific product or service, but the exact target is not specified in the provided context. The module is likely intended to be used by penetration testers and...
RuboCop gem Insecure use of /tmp
RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users...
GHSA-WMJF-JPJJ-9F3J RuboCop gem Insecure use of /tmp
RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users...
Insecure Storage Of Cache Files
RuboCop does not store cache files securely. It stores the cache files in /tmp, where a malicious local user can tamper with cache files belonging to other users...
RuboCop Arbitrary Cache File Modification Vulnerability
RuboCop is a Ruby static code analyzer with the ability to find and resolve code errors. A security vulnerability exists in RuboCop 0.48.1 and earlier versions. A local attacker can exploit the vulnerability to tamper with other users' cached files...
CVE-2017-8418
RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users...
Design/Logic Flaw
RuboCop 0.48.1 and earlier does not use /tmp in safe way, allowing local users to exploit this to tamper with cache files belonging to other users...