269 matches found
MAL-2025-47829 Malicious code in node-notifications (npm)
The package node-notifications was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9f537b45789bd1ad6fcec083716172d0230b37e04510ace80351a35ef51cf0a9 Any computer that has this package installed or running should be considered fully...
MAL-2025-47540 Malicious code in @sev-ui-verse/invoice-models (npm)
The package @sev-ui-verse/invoice-models was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f330a934831b8458a3b0de11c4efd1a661b00d1e2b7df7aa32b18a2278b789f3 Any computer that has this package installed or running should be considere...
Malicious code in @sev-ui-verse/authentication (npm)
The package @sev-ui-verse/authentication was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3492bfe4d8b65a2239adf76adf321c36a385fe94efabe1ef8f1ad32b6c262b30 Any computer that has this package installed or running should be considere...
Malicious code in kinyongi (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d732e3667e35428369a2536b0d3d1ba6f5afbedd13b166bd769316c2ac8c750c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-47314 Malicious code in gatepass (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 61c2e9c4b5cbc80a41fd1b6bc9814d7354bc1aa20902ff0fe61a874828d171e5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in middleware-loggers (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 572eeb4389dd6da0c13648478c40f302f15e7736279e3b33d171a315a2cac60d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Fluid-Antenna-Aided AAV Secure Communications in Eavesdropper Uncertain Location
For autonomous aerial vehicle AAV secure communications, traditional designs based on fixed position antenna FPA lack sufficient spatial degrees of freedom DoF, which leaves the line-of-sight-dominated AAV links vulnerable to eavesdropping. To overcome this problem, this paper proposes a framewor...
The vulnerability of the console-based graphic editor ImageMagick lies in its dependence on behaviors that are uncertain for each implementation type. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the console-based graphic editor ImageMagick is related to its dependence on behaviors that are uncertain for each implementation type. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected...
Malicious code in pahtkit-wasm (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d3e76975e429f523a3fae3ff739755780b9f6f01a170517550cf8de743a585a8 Any computer that has this package installed or running should be considered...
CVE-2025-9389
A vulnerability was identified in vim 9.1.0000. Affected is the function memmoveavxunalignederms of the file memmove-vec-unaligned-erms.S. The manipulation leads to memory corruption. The attack needs to be performed locally. The exploit is publicly available and might be used. Some users are not...
DEBIAN-CVE-2025-8734
Bulletin has no description...
UBUNTU-CVE-2025-8732
A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to...
Malicious code in axr-smart-contracts (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c6f40c0f14910689109d5feee0e22e6d1c1ce158eea34d5d4f95e7209c5dd425 Any computer that has this package installed or running should be considered...
Malicious code in frontend-release-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c7b669533af76df1c26a09f15c4e4251d5ebc14cfaceae8a7af9dacbe4f8741 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in env-info-checker-kyy3w4fiurevd8uy43wfre (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1d6fb3feadb029e83e642c54a8ffc29782d65e981a2bd769dc972463231215b1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-6763
A vulnerability was found in Comet System T0510, T3510, T3511, T4511, T6640, T7511, T7611, P8510, P8552 and H3531 1.60. Affected by this issue is some unknown functionality of the file /setupA.cfg of the component Web-based Management Interface. Performing manipulation results in missing...
Malicious code in consumerweb-captcha (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b7cee9c3e993b7ea96db267f4f869102dd00139de3ea743914d0273ef165a99a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in html-report (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 76dfd70352bf673a00030f6d35ad320bc633fad730881d95d897d878d7ce662b Any computer that has this package installed or running should be considered...
Malicious code in migrate-lol-account (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 88dbcb391cecbefa568dbffa3d4296d9fa09eddb14625e899283b70920acaea4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in internallib_v473 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e1f24ada3129dc7b0a4310226f616f28d7a806b49c13b67ffdacff8aed8e0f2b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...