47 matches found
MAL-2025-49257 Malicious code in fork-spoon-fork (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 230cc34701f276fd7c72ba75f580a0615bc12a6720dd3bedb7d98b99b24651c5 The package fork-spoon-fork was found to contain malicious code. Source: ghsa-malware 0e5798d27152d0cd13a2c05a43a6ffd1ec5ee70023bbffc173181ec3ecee8e3...
EUVD-2025-37248
Malicious code in fork-spoon-fork npm...
Malicious Package
Overview fork-spoon-fork is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2012-6004
Malware in sbrugna...
EUVD-2022-2019
Malicious code in bioql PyPI...
MAL-2025-42683 Malicious code in @lbnqduy180500/vigilant-octo-spoon (npm)
The package @lbnqduy180500/vigilant-octo-spoon was found to contain malicious code...
Malicious code in @lbnqduy180500/vigilant-octo-spoon (npm)
The package @lbnqduy180500/vigilant-octo-spoon was found to contain malicious code...
Malicious code in test-mlw2-spoon-kibes-seize-aargh (npm)
The package test-mlw2-spoon-kibes-seize-aargh was found to contain malicious code...
Malicious code in @scdb/didactic-spoon (npm)
The package @scdb/didactic-spoon was found to contain malicious code...
Malicious code in @lbnqduy/vigilant-spoon (npm)
The package @lbnqduy/vigilant-spoon was found to contain malicious code...
MAL-2025-9276 Malicious code in @scdb/didactic-spoon (npm)
The package @scdb/didactic-spoon was found to contain malicious code...
MAL-2025-8361 Malicious code in @lbnqduy/vigilant-spoon (npm)
The package @lbnqduy/vigilant-spoon was found to contain malicious code...
MAL-2025-36313 Malicious code in test-mlw2-spoon-kibes-seize-aargh (npm)
The package test-mlw2-spoon-kibes-seize-aargh was found to contain malicious code...
CVE-2024-23453
Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a local attacker to retrieve the hard-coded API key when the application binary is reverse-engineered. This API key may be used for unexpected access of the associated service...
CVE-2019-15521
Spoon Library through 2014-02-06, as used in Fork CMS before 1.4.1 and other products, allows PHP object injection via a cookie containing an object...
CVE-2024-23453
Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a local attacker to retrieve the hard-coded API key when the application binary is reverse-engineered. This API key may be used for unexpected access of the associated service...
CVE-2024-23453
Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a local attacker to retrieve the hard-coded API key when the application binary is reverse-engineered. This API key may be used for unexpected access of the associated service...
Hardcoded credentials
Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a local attacker to retrieve the hard-coded API key when the application binary is reverse-engineered. This API key may be used for unexpected access of the associated service...
CVE-2024-23453
Android Spoon application version 7.11.1 to 8.6.0 uses hard-coded credentials, which may allow a local attacker to retrieve the hard-coded API key when the application binary is reverse-engineered. This API key may be used for unexpected access of the associated service...
CVE-2024-23453
Android Spoon app (versions 7.11.1–8.6.0) contains a hard-coded API key that can be retrieved by reverse-engineering the binary, enabling unauthorized access to an external service. Root cause: embedded credentials in the mobile app. Impact: local attacker could obtain the API key; impact consist...