Mozilla Firefox < 61.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 61.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-15 advisory. - Mozilla developers and community members Alex Gaynor, Christoph Diehl, Christian Holler, Jason Kratzer, David...

EUVD-2022-6085

Malicious code in bioql PyPI...

CVE-2025-59141

simple-swizzle swizzles function arguments. On 8 September 2025, the npm publishing account for simple-swizzle was taken over after a phishing attack. Version 0.2.3 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect...

GHSA-9G9J-RGGX-7FMG [email protected] contains malware after npm account takeover

Impact On 8 September 2025, the npm publishing account for simple-swizzle was taken over after a phishing attack. Version 0.2.3 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect cryptocurrency transactions to the attacker'...

[email protected] contains malware after npm account takeover

Impact On 8 September 2025, the npm publishing account for simple-swizzle was taken over after a phishing attack. Version 0.2.3 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect cryptocurrency transactions to the attacker'...

CVE-2025-59141

simple-swizzle swizzles function arguments. On 8 September 2025, the npm publishing account for simple-swizzle was taken over after a phishing attack. Version 0.2.3 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code activates a hook whenever a Web3 wallet is present...

CVE-2025-59141 [email protected] contains malware after npm account takeover

simple-swizzle swizzles function arguments. On 8 September 2025, the npm publishing account for simple-swizzle was taken over after a phishing attack. Version 0.2.3 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect...

CVE-2025-59141 [email protected] contains malware after npm account takeover

simple-swizzle swizzles function arguments. On 8 September 2025, the npm publishing account for simple-swizzle was taken over after a phishing attack. Version 0.2.3 was published, functionally identical to the previous patch version, but with a malware payload added attempting to redirect...

CVE-2025-59141

CVE-2025-59141 concerns the Node.js package simple-swizzle. An account takeover via phishing led to a malicious 0.2.3 release that, when used in browser contexts (e.g., direct script tags or bundlers), attempts to redirect cryptocurrency transactions to attacker-controlled addresses. Local/server...

simple-swizzle 安全漏洞

simple-swizzle is a codebase by Josh Junon Personal Developer. A security vulnerability exists in version 0.2.3 of simple-swizzle that stems from a phishing attack resulting in account takeover and implanted malware that may redirect cryptocurrency transactions...

Malicious code in simple-swizzle (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 052372c7c31f98ff69d0c555f9b8438dac12a292fa6e1f63d4b6160d6a8376c6 Any computer that has this package installed or running should be considered fully compromised. All...

@dasha.ai/cli (>=0.7.0 <=0.8.0), @dasha.ai/sdk (>=0.11.9 <=0.13.0) +4 more potentially affected by CVE-2025-59141 via simple-swizzle (>=0.1.0 <=0.2.2)

simple-swizzle NPM version =0.1.0, =0.7.0, =0.11.9, =0.13.0 - agcim =0.0.1 - astro =5.13.6 - color-string =1.0.0 - geoscene =1.0.0 Source cves: CVE-2025-59141 Source advisory: OSV:MAL-2025-46978...

MAL-2025-46978 Malicious code in simple-swizzle (npm)

The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 052372c7c31f98ff69d0c555f9b8438dac12a292fa6e1f63d4b6160d6a8376c6 Any computer that has this package installed or running should be considered fully compromised. All...

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypto transactions. The injected malicious code activates a hook whenever a Web3 wallet is present...

Miscompilation of `i8x16.swizzle` and `select` with v128 inputs in Wasmtime

...

CVE-2022-31104

Wasmtime is a standalone runtime for WebAssembly. In affected versions wasmtime's implementation of the SIMD proposal for WebAssembly on x8664 contained two distinct bugs in the instruction lowerings implemented in Cranelift. The aarch64 implementation of the simd proposal is not affected. The bu...

SUSE CVE-2018-12361

An integer overflow can occur in the SwizzleData code while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which results in a potentially exploitable crash. This vulnerability affects Thunderbird 60, Firefox ESR 60.1...

GHSA-JQWC-C49R-4W2X Miscompilation of `i8x16.swizzle` and `select` with v128 inputs

Impact Wasmtime's implementation of the SIMD proposal for WebAssembly on x8664 contained two distinct bugs in the instruction lowerings implemented in Cranelift. The aarch64 implementation of the simd proposal is not affected. The bugs were presented in the i8x16.swizzle and select WebAssembly...

Miscompilation of `i8x16.swizzle` and `select` with v128 inputs

Impact Wasmtime's implementation of the SIMD proposal for WebAssembly on x8664 contained two distinct bugs in the instruction lowerings implemented in Cranelift. The aarch64 implementation of the simd proposal is not affected. The bugs were presented in the i8x16.swizzle and select WebAssembly...