4655 matches found
MAL-2025-145369 Malicious code in neptune-mui-jasmine-sync (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dd1df8a6d2bc023876d443ab956c891fa6eed3e890a12c4ae30e21b71e81c3f7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-146314 Malicious code in pm2-sync-convict-react-bootstrap (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1330108cc41fc5f8b16b97bd8b44613ea9687f6d108f9fb4aac46e264b7302b5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-144467 Malicious code in lint-staged-sync-global-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0b9f543858dd41d5c201e3ced1a84ac7806a02565e07ef4cca4bd240aa85d04a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-121511
Malicious code in sync-centauri-impulse-selenium npm...
EUVD-2025-121503
Malicious code in sync-jsonp-less-iota npm...
EUVD-2025-124169
Malicious code in oberon-puppeteer-sync-eclipse npm...
EUVD-2025-121502
Malicious code in sync-meissa-meissa-lacerta npm...
EUVD-2025-124356
Malicious code in nodejs-frontend-sync-command npm...
MAL-2025-149339 Malicious code in webdriver-manager-yakutsk-meteor-sync (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 875fff606ab52451855235f1681354d08bcefb6c29a25fd69abbfd5a0fdd9a05 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-148971 Malicious code in uninstall-sync-apex-event (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 189409f4dc200c6e26d27168dc6d08f0262204ea0a085b6a5af402e6a94c250d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-143170 Malicious code in halley-sync-colors-loopback (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a315129aea4bbc0df37718edecba7ea88cb3534b2df5ef52e798db334c6e3d04 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-148213 Malicious code in spinner-uglify-js-sequelize-sync (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ec3d26ff88984e14fb77619434a0b3aa7a4dbbd8742914e7a787d85979a1bc9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-142673 Malicious code in foundation-sync-jwt-dependencies (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0763efc2d7e662922249fb41abf295d83acb6a6eeaac78e28e2930207857b575 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-140157 Malicious code in buffer-gatsby-less-sync (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a17d501af7a70b3a645083209e4b5ddb87b03d3ea34e7427b64b6b2c2dc89b65 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-145060 Malicious code in miranda-sync-despina-auth0 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6ddac1488fe65453e57b62caf85d562e3e2b5eda8fc296fa78fca7fd5046bbbb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-145953 Malicious code in parcel-carpo-cypress-sync (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 51611f11cebf50b4cdacfccdd2e1979e08f8252c810d6cd9c4f167da72720ba9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-112956
Malicious code in halley-mysql-server-sync npm...
Malicious code in halley-sync-colors-loopback (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a315129aea4bbc0df37718edecba7ea88cb3534b2df5ef52e798db334c6e3d04 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-121514
Malicious code in sync-antares-rehype-yaml npm...
CVE-2025-11458
Heap buffer overflow in Sync in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...