Lucene search
K

13374 matches found

Snyk
Snyk
added 2025/10/10 4:7 p.m.2 views

Malicious Package

Overview vite-plugin-vue-layout is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/10/10 3:57 p.m.2 views

Malicious Package

Overview tailwind-style-components is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/10/10 3:53 p.m.3 views

Malicious Package

Overview vite-plugin-parse is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/10/10 3:45 p.m.2 views

Malicious Package

Overview vite-plugin-es6-babel is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/10/10 3:41 p.m.3 views

Malicious Package

Overview mongodb-orn is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/10/10 3:35 p.m.2 views

Malicious Package

Overview tailwindcss-animatexs is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/10/10 3:24 p.m.3 views

Malicious Package

Overview qrcode-pretty-react is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/10/10 3:9 p.m.2 views

Malicious Package

Overview matrix-charts is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
OSV
OSV
added 2025/10/10 2:27 p.m.4 views

JLSEC-2025-19 An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before ...

An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures...

6.5CVSS6.9AI score0.00831EPSS
Exploits1References6
GithubExploit
GithubExploit
added 2025/10/10 9:47 a.m.217 views

Exploit for Incorrect Authorization in Oracle Mysql

RECORDS Only for reproduction of CVEs. Related Resources: -...

8.6CVSS6.9AI score0.18087EPSS
Exploits18
Github Security Blog
Github Security Blog
added 2025/10/10 6:30 a.m.8 views

Withdrawn Advisory: cross-zip is vulnerable to Directory Traversal through selective use of zip/unzip operations

Withdrawn Advisory This advisory has been withdrawn because it does not discuss a valid vulnerability. This link is maintained to preserve external references. Original Description All versions of the package cross-zip are vulnerable to Directory Traversal via consecutive usage of zipSync and...

6.7AI score
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2025/10/10 5:0 a.m.9 views

CVE-2025-11569

...

Exploits0
CVE
CVE
added 2025/10/10 5:0 a.m.13 views

CVE-2025-11569

The connected data identifies a concrete vulnerability in the cross-zip JavaScript package. A Directory Traversal flaw exists when repeatedly using zipSync() and unzipSync() with arguments such as __dirname, allowing an attacker to access host system files. Red Hat lists all versions of cross-zip...

6.6AI score
Exploits0
Snyk
Snyk
added 2025/10/10 3:55 a.m.3 views

Malicious Package

Overview react-icons-loader is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/10/10 3:39 a.m.1 views

Malicious Package

Overview @pcxm/gasket-single-spa is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/10/10 2:24 a.m.3 views

Malicious Package

Overview mp3-web-lib is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/10/10 2:24 a.m.2 views

Malicious Package

Overview mshops-web-metrics-components is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/10/10 2:24 a.m.1 views

Malicious Package

Overview cx-contact-hub-lib is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/10/10 2:24 a.m.4 views

Malicious Package

Overview andes-react-floater is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/10/10 2:24 a.m.2 views

Malicious Package

Overview frontend-photoswipe is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
Rows per page
Query Builder