Lucene search
K

7 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/30 2:2 a.m.12 views

Malicious code in anthropic-toolkit (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 90ec82c6478e3a82eac71597b1c1fffc17d1b138e11e1a2aeadec7c00344c65e [email protected] is a typosquat against the @anthropic-ai/sdk ecosystem. The package ships no library code — its declared main dist/index.js i...

6.1AI score
Exploits0References23
Ubuntu
Ubuntu
added 2025/11/03 10:18 a.m.8 views

USN-7839-2: Google Guest Agent vulnerability

USN-7839-1 fixed vulnerabilities in Go Cryptography. This update provides the corresponding update in the Go Cryptography module included in Google Guest Agent. Original advisory details: Damien Tournoud, Patrick Dawkins, Vince Parker, and Jules Duvivier discovered that Go Cryptography incorrectl...

9.1CVSS7.6AI score0.03153EPSS
Exploits2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-0399

Malware in sbrugna...

6.4CVSS6.4AI score0.0281EPSS
Exploits0References9
Ubuntu
Ubuntu
added 2022/08/17 1:58 a.m.37 views

USN-5526-2: PyJWT regression

USN-5526-1 fixed vulnerabilities in PyJWT. Unfortunately this caused a regression by incrementing the internal package version number on Ubuntu 22.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Aapo Oksman discovered that PyJWT incorrectly...

5.6AI score
Exploits0References1
Ubuntu
Ubuntu
added 2022/07/20 1:9 a.m.340 views

USN-5526-1: PyJWT vulnerability

Aapo Oksman discovered that PyJWT incorrectly handled signatures constructed from SSH public keys. A remote attacker could use this to forge a JWT signature...

7.5CVSS7.4AI score0.012EPSS
Exploits0
NVD
NVD
added 2018/06/07 2:29 a.m.8 views

CVE-2018-3737

sshpk is vulnerable to ReDoS when parsing crafted invalid public keys...

7.5CVSS7.4AI score0.01738EPSS
Exploits1References1
Cvelist
Cvelist
added 2007/01/20 1:0 a.m.19 views

CVE-2007-0397

The Cisco Security Monitoring, Analysis and Response System CS-MARS before 4.2.3 and Adaptive Security Device Manager ASDM before 5.22.54 do not validate the SSL/TLS certificates or SSH public keys when connecting to devices, which allows remote attackers to spoof those devices to obtain sensitiv...

6.3AI score0.0281EPSS
Exploits0References8
Rows per page
Query Builder