CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

PYSEC-2022-43101

The d8s-strings for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0...

PYSEC-2022-43121

PYSEC-2022-43092

The d8s-xml for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...

PYSEC-2022-43080

The d8s-netstrings for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...

PYSEC-2022-43122

The d8s-grammars for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...

OSV•added 2022/09/19 4:15 p.m.•1 views

PYSEC-2022-43124

OSV•added 2022/09/19 4:15 p.m.•1 views

PYSEC-2022-43125

The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The democritus-strings package. The affected version is 0.1.0...

PYSEC-2022-43120

The d8s-json for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0...

OSV•added 2022/09/19 4:15 p.m.•0 views

PYSEC-2022-43076

9.8CVSS5.9AI score

OSV•added 2022/09/19 4:15 p.m.•0 views

PYSEC-2022-43087

9.8CVSS5.9AI score

Vulnrichment•added 2022/09/19 3:38 p.m.•4 views

CVE-2022-38887

The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The democritus-strings package. The affected version is 0.1.0...

6.9AI score0.01187EPSS

CVE•added 2022/09/19 3:38 p.m.•52 views

CVE-2022-38887

CVE-2022-38887 affects the d8s-python package for Python distributed on PyPI. The vulnerability arises from a backdoor inserted by a third party in the democritus-strings package, with the affected version identified as 0.1.0. The NVD/CVE data lists a critical impact (CVSS 3.1: AV:N/AC:L/PR:N/UI:...

9.8CVSS9.4AI score0.01187EPSS

Exploits1References3Affected Software1

Cvelist•added 2022/09/19 3:38 p.m.•17 views

CVE-2022-38887

The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The democritus-strings package. The affected version is 0.1.0...

Cvelist•added 2022/09/19 3:35 p.m.•16 views

CVE-2022-38886

CVE•added 2022/09/19 3:35 p.m.•48 views

CVE-2022-38886

CVE-2022-38886 affects the Python package d8s-xml distributed on PyPI. The vulnerability stems from a third‑party backdoor in the package ecosystem, specifically the democritus-strings package, with the affected release identified as version 0.1.0. This backdoor enables potential remote code exec...

9.8CVSS9.4AI score0.01187EPSS

Exploits1References3Affected Software1

Cvelist•added 2022/09/19 3:34 p.m.•12 views

CVE-2022-38885

CVE•added 2022/09/19 3:34 p.m.•54 views

CVE-2022-38885

CVE-2022-38885 concerns the Python package d8s-netstrings (PyPI), where a third-party backdoor in the democritus-strings package affects version 0.1.0. Multiple connected sources describe a potential remote code execution backdoor that could allow an attacker to run arbitrary code on a vulnerable...

9.8CVSS9.4AI score0.01187EPSS

Exploits1References3Affected Software1

Cvelist•added 2022/09/19 3:32 p.m.•15 views

CVE-2022-38884

Cvelist•added 2022/09/19 3:30 p.m.•25 views

CVE-2022-38883