MAL-2024-12176 Malicious code in valid-package (npm)

This package runs commands in a pre-install script that exfils sensitive data to a attacker-controlled domain. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ccad71901dd807f11aedc2ca2f34c92319f90ccbf3fea758a765c78eb2ff6bdb Any computer that has this package install...

CVE-2014-7953

Race condition in the bindBackupAgent method in the ActivityManagerService in Android 4.4.4 allows local users with adb shell access to execute arbitrary code or any valid package as system by running "pm install" with the target apk, and simultaneously running a crafted script to process logcat'...