Malicious code in amplify-python-logging (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2e12fee1c4154d81de6e4575af21aa6a760da4f5694746264a2de50e2c5782fe Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-824 Malicious code in dev-pipline-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 20dee9221f632983ab927b06c661fda3edf9bea9f5369620acdea3631511876a Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-814 Malicious code in http-notifier-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 876fd5ae23d7c051fa55647bc5b152a7905505782e78ca9536b161318d2e000f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in base-local-planner (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c0cb640a181ee8e6c31d4f0f87e8768b7a67b70174dd65794e8d980909eac8a3 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in ttam-ploy (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 48447bed9470950f80afc68786c557605185768ddc394b2032973dc1b6bde276 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-248 Malicious code in dify-api (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a40038bb1837e98127f2e267d1932d1eeb641c93e855c50af9aa25002e28c76b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in ctosec-appsec-wb-xray-adapter (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 33176e85f6e5dce44273ddbf5be45cf64ddd36db281b50a5868851a32fb19d0c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2025-192393 Malicious code in ctosec-appsec-wb-xray-adapter (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 33176e85f6e5dce44273ddbf5be45cf64ddd36db281b50a5868851a32fb19d0c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

IGEL OS Privilege Escalation (via systemd service)

Escalate privileges for IGEL OS Workspace Edition sessions, by modifying network-manager.service using setupcmd SUID and network, then restarting the service. Module Options msf use exploit/linux/local/igelnetworkprivesc msf exploitigelnetworkprivesc show targets ...targets... msf...

📄 IGEL OS Privilege Escalation

This Metasploit module escalates privileges for IGEL OS Workspace Edition sessions by modifying network-manager.service using setupcmd SUID and network and then restarting the service. This module requires Metasploit: https://metasploit.com/download Current source:...

Malicious code in nspacercesolve (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8a8c6f18d1f22d3d0f0b9902a176d91fdfe33270faea47c835a0078955b85914 During installation, the package looks for a flag file and exfiltrates it. Similar content is in the main file. There is no other purpose of the package ---...

EUVD-2021-24835

Malware in sbrugna...

Malicious code in notary-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 d6777fd3be7abdd8775b30e889a1bd66c4bef8af1794600867fc7292a8b9bcd0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in lobomarinopython (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 abf82fb6ceeaa4bb5cb2b1198b74e02f2f19c2d65b18dcd025000fcaddfc4228 Packages that might be part of testing for pentesting / malicious activity / joy, with suspicious activity that does not present any real harm. --- Category:...

Malicious code in szn-rain-client (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2e592ca324ac2994280852ce647b102f1f47eb9beeb963021b173a3c014cc3a1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2024-12302 Malicious code in mac12manoj (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 629aa2cd2a27a849eefebdad3efcd6cf183d799a21451edaf209f6dda1e614d8 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

SUSE CVE-2021-38381

Live555 through 1.08 does not handle MPEG-1 or 2 files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash...

Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass in the MFAUserAccountSetupMVCActionCommand class that allows an authenticated used to deny service to another user by enabling the Time-based One-time password TOTP feature for their account, or by modifying the...

Design/Logic Flaw

liveMedia/FramedSource.cpp in Live555 through 1.08 allows an assertion failure and application exit via multiple SETUP and PLAY commands...

CVE-2021-38381

Live555 through 1.08 does not handle MPEG-1 or 2 files properly. Sending two successive RTSP SETUP commands for the same track causes a Use-After-Free and daemon crash...