Malicious Package

Overview svg-safety-tool is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in svg-safety-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 423523b3df147eccef394a43e71101674f003918fb09ae7121dac4c4ac474eff The package svg-safety-tool was found to contain malicious code. Source: ghsa-malware f31f6cc0f000af3b9a7f76332b14e7d9c33b2d0f80056695850c21490d0e41c...

MAL-2026-1364 Malicious code in svg-safety-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 423523b3df147eccef394a43e71101674f003918fb09ae7121dac4c4ac474eff The package svg-safety-tool was found to contain malicious code. Source: ghsa-malware f31f6cc0f000af3b9a7f76332b14e7d9c33b2d0f80056695850c21490d0e41c...

Tech-ASan: Two-Stage Check for Address Sanitizer

Address Sanitizer ASan is a sharp weapon for detecting memory safety violations, including temporal and spatial errors hidden in C/C++ programs during execution. However, ASan incurs significant runtime overhead, which limits its efficiency in testing large software. The overhead mainly comes fro...

PT-2024-10826 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A slab out-of-bounds issue was found in the Linux kernel, specifically in the thermal/drivers/cpufreq cooling module. This issue is scanned by KASAN in cpu power to freq. If power is...

Unauthorized Access Vulnerability in the Human Evidence Rubik's Cube Management System

Human ID Magic is a citizen's personal information approval software, using advanced face recognition count and fingerprint comparison technology, can be directly in the field to quickly compare the real person with the side of the document information, real-time uploading database, to provide...

Malicious package may avoid detection in python auditing

Python Auditing Vulnerability Demonstrates how a malicious package can insert a load-time poison pill to avoid detection by tools like Safety. Tools that are designed to find vulnerable packages can not ever run in the same python environment that they are trying to protect. Usage Install safety,...

GHSA-7Q25-QRJW-6FG2 Malicious package may avoid detection in python auditing

Python Auditing Vulnerability Demonstrates how a malicious package can insert a load-time poison pill to avoid detection by tools like Safety. Tools that are designed to find vulnerable packages can not ever run in the same python environment that they are trying to protect. Usage Install safety,...

CVE-2020-5252

The command-line "safety" package for Python has a potential security issue. There are two Python characteristics that allow malicious code to “poison-pill” command-line Safety package detection routines by disguising, or obfuscating, other malicious or non-secure packages. This vulnerability is...