191 matches found
EUVD-2025-121687
Malicious code in sqlite-run-script-transform-cordelia npm...
EUVD-2025-111251
Malicious code in mensa-run-script-got-lyra npm...
EUVD-2025-111595
Malicious code in loglevel-run-script-cross-env-superagent npm...
EUVD-2025-116712
Malicious code in antares-antares-run-script-triton npm...
MAL-2025-144131 Malicious code in kastra-run-script-firebase-blaze (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc401c10920d96d579d2722526875bac5f60943ac975fdf0410ecc87dc3389e6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-146311 Malicious code in pm2-run-script-eslint-plugin-leda (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a817f06ae0a4d8dc0d41ca305b9e56576f1bd8664d47548dc7532d0c54975083 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-122368
Malicious code in run-script-update-tethys-jovian npm...
MAL-2025-141836 Malicious code in dynamo-run-script-nashira-markdownlint (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7361ddf24b24372d3f7d805c9eb58615f9f41cd1281ea692b6ebc64d1b3c543e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in run-script-nconf-hermes-commitizen (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50ef6b1061299d5a40c1afa8a79be5c0c34df15a6f6cb207fc51e33fec9000cb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-146419 Malicious code in postcss-procyon-xanadu-run-script (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d88030c79380d58aef26fdf412d1babc87d4120c4d6920877f4d389f9dc50bd7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-112556
Malicious code in indus-auth-run-script-capella npm...
EUVD-2012-4054
Malware in sbrugna...
MAL-2025-45935 Malicious code in run-script-zephyr-dotenv-safe-bionics (npm)
The package run-script-zephyr-dotenv-safe-bionics was found to contain malicious code...
Malicious code in run-script-ganymede-npm-miranda (npm)
The package run-script-ganymede-npm-miranda was found to contain malicious code...
Malicious code in run-script-zephyr-dotenv-safe-bionics (npm)
The package run-script-zephyr-dotenv-safe-bionics was found to contain malicious code...
Linux Distros Unpatched Vulnerability : CVE-2024-50636
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PyMOL 2.5.0 contains a vulnerability in its Run Script function, which allows the execution of arbitrary Python code embedded within .PYM files. Attackers can...
Remote Code Execution (RCE)
ms-swift is vulnerable to Remote Code Execution RCE. The vulnerability is due to unsafe deserialization because yaml.load from PyYAML is used in tests/run.py, allowing attackers to execute arbitrary code via a crafted YAML configuration file...
MAL-2025-20039 Malicious code in exec-concurrently-run-script-pm2 (npm)
The package exec-concurrently-run-script-pm2 was found to contain malicious code...
MAL-2025-34750 Malicious code in terser-aldebaran-run-script-websockets (npm)
The package terser-aldebaran-run-script-websockets was found to contain malicious code...
MAL-2025-27524 Malicious code in nightwatch-nodejs-run-script-castor (npm)
The package nightwatch-nodejs-run-script-castor was found to contain malicious code...