CVE-2025-27402

Tuleap is an Open Source Suite to improve management of software developments and collaboration. Tuleap is missing CSRF protections on tracker fields administrative operations. An attacker could use this vulnerability to trick victims into removing or updating tracker fields. This vulnerability i...

Linux Distros Unpatched Vulnerability : CVE-2023-4235

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodedeliverreport function during the SMS decoding...

CVE-2025-27421

creationtimestamp| type| source ---|---|--- 2025-03-03 16:30:30+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6226 2025-03-03 19:44:01+00:00| seen| https://t.me/cvedetector/19375 2025-08-19 13:26:46+00:00| seen| MISP/e1f6260f-3311-441b-92ae-e04cd5eb5f72...

MAL-2025-1647 Malicious code in figma-plugins-and-widgets (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 250144845a9dd4a7a0bea8a44c06f50652890d4ab2f0fb860bb51a5a14ea1a54 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in erc20-faucet (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b1318f067a3c4a722bc3d70af3c94d47696dc695c07dafc5cac772db0e1b20fd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-0424

creationtimestamp| type| source ---|---|--- 2025-02-18 08:15:59+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ligt24raei2y 2025-02-18 08:41:04+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/4759 2025-02-18 10:57:37+00:00| seen| https://t.me/cvedetector/18301...

CVE-2024-12763

creationtimestamp| type| source ---|---|--- 2025-02-11 02:17:58+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhulrj6jqa27...

CVE-2024-45561

creationtimestamp| type| source ---|---|--- 2025-02-03 17:16:40+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhc2b4zi7c2j...

CVE-2024-54549

creationtimestamp| type| source ---|---|--- 2025-01-27 22:16:44+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgqxrbbw3k2w 2025-01-30 19:19:51+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/3517...

Malicious code in bindbc-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3969ce36d361753fe46f849a0dba26b4548e7c90bec80c86390c47bb429ec9bf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-24354

creationtimestamp| type| source ---|---|--- 2025-01-27 17:29:07+00:00| seen| https://infosec.exchange/users/cve/statuses/113901499013466426 2025-01-27 18:16:13+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgqkd5zq6i2i 2025-01-27 20:11:18+00:00| seen|...

Malicious code in casier (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 08fbcdfa482a4508e9f9c2f90db55d75e512d0876a2465d216815c469f07fe52 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in meta-gateway (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 547b8b6ba1bfaeea42d8fe67ea9de77d254833b3f66166a437ec024f17fe24eb The OpenSSF Package Analysis project identified 'meta-gateway' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

MAL-2025-461 Malicious code in godaddy-checkout (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 4fc05cc5d0552c5e553e3f25b83917c1f80d321380c8c4243a72a984acda3e6f The OpenSSF Package Analysis project identified 'godaddy-checkout' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

Malicious code in coinbase-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis f4e4f2061ccb606d0bc83d4dcdce6ed72c6c42f033fa0850cdc08d5e4cb50681 The OpenSSF Package Analysis project identified 'coinbase-test' @ 999.9.9 npm as malicious. It is considered malicious because: - The package...

CVE-2025-23698

creationtimestamp| type| source ---|---|--- 2025-01-16 20:19:29+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv43ia6v72n 2025-01-17 00:38:23+00:00| seen| https://infosec.exchange/users/cve/statuses/113840901500299046...

CVE-2025-22758

creationtimestamp| type| source ---|---|--- 2025-01-15 16:17:03+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfs632osyr2t 2025-01-15 16:55:04+00:00| seen| https://infosec.exchange/users/cve/statuses/113833417336185930...

Malicious code in alchemy-web3-webpack-example (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0baf7db6925882a96eddaa00b4877f9147183d9b00a85fd69b02e5fe625f7ff7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-22363

creationtimestamp| type| source ---|---|--- 2025-01-07 17:16:37+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf65o74vip22 2025-01-07 18:53:53+00:00| seen| https://t.me/cvedetector/14571...

CVE-2025-22524

creationtimestamp| type| source ---|---|--- 2025-01-07 16:17:58+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf62fcwqvt2k 2025-01-07 17:37:23+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/475...