Lucene search
+L

462 matches found

OSV
OSV
added 2025/09/16 9:33 a.m.3 views

MAL-2025-47230 Malicious code in yoo-styles (npm)

Suspicious postinstall script executing bundle.js and YARA rule unsignedbitwisemathexcess match strongly suggests malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9b064ef82c07e5538a3269d44de4c6750b224f665f808a5099715143c8be21e4 Any computer that h...

6.9AI score
Exploits0References7
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/16 9:32 a.m.7 views

Malicious code in @operato/styles (npm)

Suspicious postinstall script executing bundle.js and unsignedbitwisemathexcess YARA rule match indicates malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f85f761f5ad599532a97a4c4c64bea4910004e56178cd4081fefb3b113ed8d6d Any computer that has this...

6.9AI score
Exploits0References7
OSV
OSV
added 2025/09/16 9:32 a.m.3 views

MAL-2025-47220 Malicious code in @operato/styles (npm)

Suspicious postinstall script executing bundle.js and unsignedbitwisemathexcess YARA rule match indicates malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f85f761f5ad599532a97a4c4c64bea4910004e56178cd4081fefb3b113ed8d6d Any computer that has this...

6.9AI score
Exploits0References7
vulnersOsv
vulnersOsv
added 2025/09/15 7:39 a.m.6 views

@crowdstrike/ember-toucan-styles (=3.0.1) potentially affected by unknown CVE via ember-browser-services (=5.0.1)

ember-browser-services NPM version =5.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on ember-browser-services and may be impacted: - @crowdstrike/ember-toucan-styles =3.0.1 Source cves: unknown CVE Source advisory: SNYK:JS-EMBERBROWSERSERVICES-12744...

5.8AI score
Exploits0
Snyk
Snyk
added 2025/09/15 7:39 a.m.5 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

9.8CVSS7AI score
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/09/15 7:39 a.m.7 views

@crowdstrike/ember-toucan-styles (>=3.0.0 <=3.0.1) potentially affected by unknown CVE via @crowdstrike/tailwind-toucan-base (=5.0.0)

@crowdstrike/tailwind-toucan-base NPM version =5.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on @crowdstrike/tailwind-toucan-base and may be impacted: - @crowdstrike/ember-toucan-styles =3.0.0, =3.0.1 Source cves: unknown CVE Source advisory:...

5.8AI score
Exploits0
Snyk
Snyk
added 2025/09/15 7:39 a.m.3 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

9.8CVSS7AI score
Exploits0References2
Qualys Blog
Qualys Blog
added 2025/09/10 8:43 p.m.15 views

When Dependencies Turn Dangerous: Responding to the NPM Supply Chain Attack

On September 8, 2025, attackers compromised a set of 18 widely used npm packages —including chalk, debug, ansi-styles, and strip-ansi—collectively downloaded over 2.6 billion times per week. Through a targeted phishing campaign against a maintainer, the attackers published malicious versions...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2010-3822

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on Mac OS X 10.4, accesses an uninitialized pointer during...

9.3CVSS6.2AI score0.04448EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/08 5:7 p.m.3 views

Malicious code in ansi-styles (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f82dc187071d265457effc48cb50c7ac209143e5da1a502a633a1c35b88aac67 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References3
OSV
OSV
added 2025/09/08 5:7 p.m.2 views

MAL-2025-46967 Malicious code in ansi-styles (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f82dc187071d265457effc48cb50c7ac209143e5da1a502a633a1c35b88aac67 Any computer that has this package installed or running should be considered fully compromised. All...

7.1AI score
Exploits0References3
HackRead
HackRead
added 2025/09/08 4:38 p.m.5 views

npm Packages With 2 Billion Weekly Downloads Hacked in Major Attack

Aikido Security flagged the largest npm attack ever recorded, with 18 packages like chalk, debug, and ansi-styles hacked…...

7.1AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/03 9:52 p.m.4 views

When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.

...

8.8CVSS9.2AI score0.00587EPSS
Exploits1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/29 6:55 p.m.2 views

Malicious code in node-ms-styles (npm)

The package node-ms-styles was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/29 6:55 p.m.1 views

MAL-2025-42039 Malicious code in node-ms-styles (npm)

The package node-ms-styles was found to contain malicious code...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-26271

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific...

6.5CVSS6.8AI score0.01962EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.0 views

Malicious code in eb-styles (npm)

The package eb-styles was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in common-styles (npm)

The package common-styles was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in base-styles (npm)

The package base-styles was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.7 views

Malicious code in botframework-webchat-styles (npm)

The package botframework-webchat-styles was found to contain malicious code. --- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
Rows per page
Query Builder