EUVD-2025-179817

Malicious code in centaurus-perseus-remark-sync npm...

MAL-2025-187118 Malicious code in gatsby-apollo-sync-lyra (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ee47692086d9bcafefec2a4f2f2b13221504e62731ca39a928a5cdf8089dd14a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sync-taurus-cluster-webpack (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 187342dda72bcfd9fa9b7508990e5f40d3d2fc29ab165be4e68d0524f897b5b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-179352

Malicious code in delphinus-tool-sync-geckodriver npm...

EUVD-2025-176233

Malicious code in standard-altair-izar-sync npm...

MAL-2025-189222 Malicious code in restart-warp-webdriver-mocha-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 95bf93b3651fd9e5262e28a4c025dfe14338cabf906f3143dad4f1a1cf765f46 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-177393

Malicious code in outercore-sync-fornax-lightyear npm...

EUVD-2025-176091

Malicious code in sync-decoherence-xanthus-express npm...

EUVD-2025-176087

Malicious code in sync-vega-apex-prettier-plugin-markdown npm...

EUVD-2025-178714

Malicious code in geomorphology-cressida-sync-atlas npm...

EUVD-2025-178401

Malicious code in init-venus-sync-figures npm...

EUVD-2025-180232

Malicious code in aurora-sync-buffer-canopus npm...

Malicious code in init-venus-sync-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41b6e40d812a9363fa5f719d89f8033b005cc387fbeadb50dac11ca6fcd9ba44 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in standard-seismology-sync-native (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6bb0161e8e9100e0895c5f49e6260a519a05cbc55a4cb32eadbd60fe2619b257 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in standard-altair-izar-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7aa4728fd5bccd6fec6ad0f4459479b41c02571c837732ad3e92688a04eb9bf9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-186065 Malicious code in centaurus-perseus-remark-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6ce96f56e1b53ba28c31e4d27ed1b224358022b063da73e5cf10330319508792 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2023-60056

Ozeki SMS Gateway versions up to and including 10.3.208 contain a path traversal vulnerability. Successful exploitation allows an unauthenticated attacker to use URL-encoded traversal sequences to read arbitrary files from the underlying filesystem with the privileges of the gateway service,...

ROS-20251113-01

A vulnerability in the Omnibox component of the Google Chrome and Microsoft Edge browsers is related to writing outside the boundaries of the buffer. Exploitation of the vulnerability could allow an attacker acting remotely to escalate their privileges A vulnerability in the Safe Browsing compone...

CVE-2025-40196

In the Linux kernel, the following vulnerability has been resolved: fs: quota: create dedicated workqueue for quotareleasework There is a kernel panic due to WARNONCE when paniconwarn is set. This issue occurs when writeback is triggered due to sync call for an opened fileie, writeback reason is...

DEBIAN-CVE-2025-40196

In the Linux kernel, the following vulnerability has been resolved: fs: quota: create dedicated workqueue for quotareleasework There is a kernel panic due to WARNONCE when paniconwarn is set. This issue occurs when writeback is triggered due to sync call for an opened fileie, writeback reason is...