Malicious code in accessible_puma_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65f7a22a4e0a93c060afad76526a3969ba09d3974ba949a9676030f01eb8f31b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2019-17593

Malware in sbrugna...

MAL-2025-6411 Malicious code in dndattachmentt (npm)

--- -= Per source details. Do not edit below this line.=-...

CVE-2025-0695

CVE-2025-0695 affects Cesanta Frozen library prior to version 1.7. The vulnerability is an unbounded Allocation of Resources Without Limits or Throttling, allowing an attacker to crash the component embedding the library by supplying malicious JSON input. Affected scope is Cesanta Frozen versions

Buffer Overflow

sgt-puzzles is vulnerable to Buffer Overflow. The vulnerability allows a malicious attacker to craft a save file to cause interger overflow or buffer overflow within the system...

MAL-2023-5582 Malicious code in py-randpushint (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx 146005bc98bb087e4a34d633963bd44e028cadb52efce0a3dc258525a9db90b8 EsqueleSquad group published nearly 6000 malicious PyPi and NPM packages, executing spyware and information-stealing malware...

MAL-2022-6744 Malicious code in uglpti9f (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5708a7125d246cbcfa82d8f0b5ce76a91aab70187c166c079cc4a0560ec7e07d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-288 Malicious code in @gettilled/tslint-preset (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5478810c7b484498848c6877efa1f0d201924cebc3e2cc8e439762e4c1b2a3fe Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...