Lucene search
K

7920 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/06 9:30 a.m.9 views

Malicious code in p7zip-full (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 af6725a21a64c36ce8e101fd062bb45cb87fdb8cb62df47538390c6c1fc4323c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
OSV
OSV
added 2026/02/06 9:30 a.m.6 views

MAL-2026-790 Malicious code in p7zip-full (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 af6725a21a64c36ce8e101fd062bb45cb87fdb8cb62df47538390c6c1fc4323c Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/06 12:0 a.m.7 views

PT-2026-6836

Name of the Vulnerable Software and Affected Versions 3DP-MANAGER versions 2.0.1 and prior Description 3DP-MANAGER, an inbound generator for 3x-ui, automatically creates an administrative account with default credentials admin/admin upon initial setup. An attacker with network access to the...

9.8CVSS5.4AI score0.00364EPSS
Exploits0References10
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/05 4:40 p.m.8 views

Malicious code in greeter-pro-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 14dfc4441f09da7c2365f0bda8f0406dfbba98c6c127d94689f8acbbb0dafbed Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/05 8:43 a.m.8 views

Malicious code in pipelinepoision-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 30985e20ed386fc211690f5618db078ae8c782039fcc36d1109955b74c3251ff Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
OSV
OSV
added 2026/02/05 8:43 a.m.5 views

MAL-2026-759 Malicious code in pipelinepoision-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 30985e20ed386fc211690f5618db078ae8c782039fcc36d1109955b74c3251ff Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.3 views

EPSON WF-2750 Improper Neutralization of Input During Web Page Generation (CVE-2018-14899)

On the EPSON WF-2750 printer with firmware JP02I2, the Web interface AirPrint Setup page is vulnerable to HTML Injection that can redirect users to malicious sites. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

6.1CVSS6.2AI score0.00681EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/02/05 12:0 a.m.20 views

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1423)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1423 advisory. In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps CVE-2025-40170 In the Linux kernel, the following vulnerability has been resolved:...

7.8CVSS6.7AI score0.00209EPSS
Exploits0References114
NVD
NVD
added 2026/02/04 6:16 p.m.8 views

CVE-2026-25532

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a vulnerability exists in the WPS Wi-Fi Protected Setup Enrollee implementation where malformed EAP-WSC packets with truncated payloads can cause integer underflow during...

8CVSS0.00213EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/02/04 5:58 p.m.28 views

CVE-2026-25532 ESF-IDF is Vulnerable to WPS Enrollee Fragment Integer Underflow

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a vulnerability exists in the WPS Wi-Fi Protected Setup Enrollee implementation where malformed EAP-WSC packets with truncated payloads can cause integer underflow during...

6.3CVSS0.00213EPSS
Exploits0References8
EUVD
EUVD
added 2026/02/04 5:58 p.m.6 views

EUVD-2026-5376

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a vulnerability exists in the WPS Wi-Fi Protected Setup Enrollee implementation where malformed EAP-WSC packets with truncated payloads can cause integer underflow during...

6.3CVSS5.5AI score0.00213EPSS
Exploits0References8
CVE
CVE
added 2026/02/04 5:58 p.m.19 views

CVE-2026-25532

CVE-2026-25532 affects Espressif ESP-IDF WPS Enrollee in versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6. A malformed EAP-WSC packet with truncated payload can trigger an integer underflow during fragment length calculation, when processing EAP-Expanded (WSC) messages. The frag_len calculation sub...

8CVSS5.5AI score0.00213EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2026/02/04 5:58 p.m.5 views

CVE-2026-25532 ESF-IDF is Vulnerable to WPS Enrollee Fragment Integer Underflow

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, a vulnerability exists in the WPS Wi-Fi Protected Setup Enrollee implementation where malformed EAP-WSC packets with truncated payloads can cause integer underflow during...

6.3CVSS5.6AI score0.00213EPSS
Exploits0References10
hivepro
hivepro
added 2026/02/04 9:56 a.m.6 views

Rapid7 vs. Hive Pro: A Head-to-Head Comparison

See how Rapid7 and Hive Pro compare in features, setup, pricing, and threat intelligence to help you choose the right threat exposure management platform. Threat intelligence and Business context are the secret sauces that transform vulnerability management from a frantic game of whack-a-mole int...

6.2AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/04 7:33 a.m.8 views

Malicious code in cicd-ppe-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c9f1bfe5b5514b9b3a1ffad43be1f06d22faf12f031d325a9e689340c2ab16a0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
OSV
OSV
added 2026/02/04 7:33 a.m.7 views

MAL-2026-731 Malicious code in cicd-ppe-test (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c9f1bfe5b5514b9b3a1ffad43be1f06d22faf12f031d325a9e689340c2ab16a0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.15 views

Commvault Initial Administrator Login Process Vulnerability

An issue was discovered in Commvault before 11.36.60.During the brief window between installation and the first administrator login, remote attackers may exploit the default credential to gain admin control. This is limited to the setup phase, before any jobs have been configured. id:...

5.4CVSS7.3AI score0.01104EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.4 views

Espressif ESP-IDF 数字错误漏洞

Espressif ESP-IDF is an IoT development framework developed by Espressif, a Chinese company. Versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6 of Espressif ESP-IDF contain numerical error vulnerabilities. These vulnerabilities stem from integer underflow during the processing ofEAP-WSC packets in th...

8CVSS5.8AI score0.00213EPSS
Exploits0References9
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/03 11:52 a.m.10 views

Malicious code in serpapi-python (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3a4ca074b37aa16372f05eaf3d15abe0f987e04793af53eade69fba1ae9cb405 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
OSV
OSV
added 2026/02/03 11:52 a.m.3 views

MAL-2026-702 Malicious code in serpapi-python (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 3a4ca074b37aa16372f05eaf3d15abe0f987e04793af53eade69fba1ae9cb405 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
Rows per page
Query Builder