
13368 matches found

Snyk
added 2025/10/29 10:47 p.m. | 1 view

Malicious Package

Overview: mourner is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

CVSS 9.8 | AI score 6.8
Exploits: 0 | References: 2
Snyk
added 2025/10/29 10:47 p.m. | 1 view

Malicious Package

Overview: ts-important-stuff is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVSS 9.8 | AI score 6.8
Exploits: 0 | References: 2
Snyk
added 2025/10/29 10:47 p.m. | 1 view

Malicious Package

Overview: ul-inline is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

CVSS 9.8 | AI score 6.8
Exploits: 0 | References: 2
Snyk
added 2025/10/29 10:46 p.m. | 1 view

Malicious Package

Overview: @acme-types/acme-package is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

CVSS 9.8 | AI score 6.8
Exploits: 0 | References: 2
Snyk
added 2025/10/29 10:46 p.m. | 1 view

Malicious Package

Overview: elemefe is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

CVSS 9.8 | AI score 6.8
Exploits: 0 | References: 2
Snyk
added 2025/10/29 10:46 p.m. | 7 views

Malicious Package

Overview: acme-package is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVSS 9.8 | AI score 6.8
Exploits: 0 | References: 2
Snyk
added 2025/10/29 10:46 p.m. | 1 view

Malicious Package

Overview: jfrog-npm-actions-example is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

CVSS 9.8 | AI score 6.8
Exploits: 0 | References: 2
Snyk
added 2025/10/29 10:46 p.m. | 1 view

Malicious Package

Overview: ing-web-es is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

CVSS 9.8 | AI score 6.8
Exploits: 0 | References: 2
Snyk
added 2025/10/29 10:46 p.m. | 2 views

Malicious Package

Overview: zeus-mex-user-profile is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVSS 9.8 | AI score 6.8
Exploits: 0 | References: 2
Snyk
added 2025/10/29 10:46 p.m. | 2 views

Malicious Package

Overview: pmcrypto is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

CVSS 9.8 | AI score 6.8
Exploits: 0 | References: 2
Snyk
added 2025/10/29 10:46 p.m. | 1 view

Malicious Package

Overview: ft-flow is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

CVSS 9.8 | AI score 6.8
Exploits: 0 | References: 2
Snyk
added 2025/10/29 10:46 p.m. | 2 views

Malicious Package

Overview: iot-cardboard-js is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVSS 9.8 | AI score 6.8
Exploits: 0 | References: 2
Snyk
added 2025/10/29 10:45 p.m. | 1 view

Malicious Package

Overview: jest-hoist is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

CVSS 9.8 | AI score 6.8
Exploits: 0 | References: 2
Snyk
added 2025/10/29 10:45 p.m. | 2 views

Malicious Package

Overview: faltest is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

CVSS 9.8 | AI score 6.8
Exploits: 0 | References: 2
CVE
added 2025/10/29 10:10 p.m. | 40 views

CVE-2025-61724

CVE-2025-61724 is addressed in IBM security bulletins for IBM Cloud Pak for Business Automation and IBM Business Automation Workflow containers. The vulnerability stems from the Reader.ReadResponse function, which builds a response by repeatedly concatenating strings; when responses contain many ...

CVSS 5.3 | AI score 6.5 | EPSS 0.00526
Exploits: 0 | References: 5 | Affected Software: 1
Cvelist
added 2025/10/29 10:10 p.m. | 9 views

CVE-2025-58183 Unbounded allocation when parsing GNU sparse map in archive/tar

tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...

EPSS 0.00419
Exploits: 0 | References: 4
Debian CVE
added 2025/10/29 10:10 p.m. | 2 views

CVE-2025-61725

The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption...

CVSS 7.5 | AI score 6.8 | EPSS 0.00613
Exploits: 0
Snyk
added 2025/10/29 9:51 p.m. | 2 views

Allocation of Resources Without Limits or Throttling

Overview: std/net/textproto is a Go standard library package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. Go Vulnerability Report: The Reader.ReadResponse function constructs a response string through repeated string...

CVSS 6.9 | AI score 6.9 | EPSS 0.00526
Exploits: 0 | References: 3
Snyk
added 2025/10/29 9:50 p.m. | 3 views

Allocation of Resources Without Limits or Throttling

Overview: std/net/http is a Go standard library package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling. Go Vulnerability Report: Despite HTTP headers having a default limit of 1MB, the number of cookies that can be parsed does n...

CVSS 6.9 | AI score 6.9 | EPSS 0.00534
Exploits: 0 | References: 3
OSV
added 2025/10/29 9:48 p.m. | 2 views

GO-2025-4006 Excessive CPU consumption in ParseAddress in net/mail

The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption...

CVSS 7.5 | AI score 8.5 | EPSS 0.00613
Exploits: 0 | References: 3