Lucene search
K

7919 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/10 7:42 a.m.8 views

Malicious code in devtools-webhook-cicd-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 807557cb6ac51aece00eeb28f55b89815176c95172780dcdded46b667f843771 During installation, package installs a script that listens for remote commands and executes them. The script is also added to autostart configuration and...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/02/10 7:42 a.m.6 views

MAL-2026-825 Malicious code in devtools-webhook-cicd-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 807557cb6ac51aece00eeb28f55b89815176c95172780dcdded46b667f843771 During installation, package installs a script that listens for remote commands and executes them. The script is also added to autostart configuration and...

5.9AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.4 views

PT-2026-7466

Name of the Vulnerable Software and Affected Versions GE Vernova Enervista versions prior to 8.6 Description A security issue exists in GE Vernova Enervista UR Setup on Windows. The issue affects versions prior to 8.6. Recommendations Update to a version newer than 8.6...

4.6CVSS5.4AI score0.00199EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/10 12:0 a.m.8 views

PT-2026-7465

Name of the Vulnerable Software and Affected Versions GE Vernova Enervista versions prior to 8.6 Description A flaw exists in GE Vernova Enervista UR Setup on Windows that permits file manipulation. Recommendations Update to a version later than 8.6...

2.9CVSS5.4AI score0.00229EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.5 views

GE Vernova Enervista UR Setup 安全漏洞

GE Vernova Enervista UR Setup is an interface configuration and management software for relay protection devices developed by GE Vernova in the United States. Versions of GE Vernova Enervista UR Setup prior to version 8.6 contained security vulnerabilities, which were due to a vulnerability relat...

4.6CVSS5.8AI score0.00199EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/10 12:0 a.m.8 views

GE Vernova Enervista UR Setup 安全漏洞

GE Vernova Enervista UR Setup is an interface configuration and management software for relay protection devices developed by GE Vernova in the United States. Versions of GE Vernova Enervista UR Setup prior to version 8.6 contained security vulnerabilities, which were due to a vulnerability relat...

2.9CVSS5.8AI score0.00229EPSS
Exploits0References2
OSV
OSV
added 2026/02/09 4:25 p.m.6 views

MAL-2026-818 Malicious code in thecorrectjames (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 53ae167216303d3e0d2eda2b5321b60fc5bf9431e16ae0caa507123ba45661a1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/09 3:35 p.m.10 views

Malicious code in ctf-pipline-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 083eedb7c9187410d3470ab27415ee2e6a7683ef92bafce123198ce9882e07a4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/02/09 3:35 p.m.4 views

MAL-2026-817 Malicious code in ctf-pipline-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 083eedb7c9187410d3470ab27415ee2e6a7683ef92bafce123198ce9882e07a4 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.8AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/09 9:29 a.m.9 views

Malicious code in http-notifier-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 876fd5ae23d7c051fa55647bc5b152a7905505782e78ca9536b161318d2e000f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/02/09 9:29 a.m.5 views

MAL-2026-814 Malicious code in http-notifier-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 876fd5ae23d7c051fa55647bc5b152a7905505782e78ca9536b161318d2e000f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.8AI score
Exploits0References1
EUVD
EUVD
added 2026/02/08 6:32 p.m.9 views

EUVD-2026-5775

A weakness has been identified in D-Link DIR-823X 250416. This vulnerability affects the function sub420618 of the file /goform/setupnp. This manipulation of the argument upnpenable causes os command injection. Remote exploitation of the attack is possible. The exploit has been made available to...

8.6CVSS5.3AI score0.0377EPSS
Exploits1References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/08 7:47 a.m.10 views

Malicious code in ccxt-bullish (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0729d9c3ad3f349ec626a97b7a265b1fd84f556bb1758af54adbc87bd29969f1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
OSV
OSV
added 2026/02/08 7:47 a.m.8 views

MAL-2026-809 Malicious code in ccxt-bullish (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0729d9c3ad3f349ec626a97b7a265b1fd84f556bb1758af54adbc87bd29969f1 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/08 7:41 a.m.9 views

Malicious code in thread-pipeline-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2d7de9849aa6d6194b8d6fdf574c6c56c3de7cb75ad338f2428fc7f1374e4280 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
OSV
OSV
added 2026/02/08 7:41 a.m.5 views

MAL-2026-810 Malicious code in thread-pipeline-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 2d7de9849aa6d6194b8d6fdf574c6c56c3de7cb75ad338f2428fc7f1374e4280 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/07 12:2 p.m.5 views

CVE-2026-2085

A security vulnerability has been detected in D-Link DWR-M921 1.1.50. Affected is the function sub419F20 of the file /boafrm/formUSSDSetup of the component USSD Configuration Endpoint. The manipulation of the argument ussdValue leads to command injection. The attack can be initiated remotely. The...

8.6CVSS6.8AI score0.04352EPSS
Exploits1References6Affected Software1
CNNVD
CNNVD
added 2026/02/07 12:0 a.m.6 views

D-Link DWR-M921 命令注入漏洞

The D-Link DWR-M921 is a router produced by D-Link Corporation. Version 1.1.50 of the D-Link DWR-M921 contains a command injection vulnerability. This vulnerability arises from incorrect operations on the parameter usdValue in the sub419F20 function of the USSD Configuration Endpoint...

8.6CVSS7.1AI score0.04352EPSS
Exploits1References7
OSV
OSV
added 2026/02/06 11:36 a.m.3 views

MAL-2026-803 Malicious code in moveworks-pipeline-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 bf307b5f3cf29ebae108dfd8b8767c38bc26da4a5bb4ca3f82ed63e137921531 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/06 9:30 a.m.9 views

Malicious code in p7zip-full (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 af6725a21a64c36ce8e101fd062bb45cb87fdb8cb62df47538390c6c1fc4323c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
Rows per page
Query Builder