CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2025/05/16 4:14 a.m.•2 views

MAL-2025-3908 Malicious code in node-crypto-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7d77d3f937a0c6f4071e5688241c3222eeb62c0033c93c981570e554400b14d3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2025/05/16 4:14 a.m.•9 views

MAL-2025-3917 Malicious code in solana-crypto-validator (npm)

OSV•added 2025/05/15 2:5 p.m.•5 views

GHSA-869W-47C6-FQ8Q Babylon Integer Overflow in Distribution Module CumulativeRewardRatio Calculation Leading to Chain Halt

Summary Minting large amount of tokens through ibc transfer and then depositing them in validator rewards pool via DepositValidatorRewardsPool message can lead to integer overflow panic when calculating cumulativerewardratio for the validator. This calculation happens in x/epoching module...

8.2CVSS7.4AI score

Exploits0References4

VulnCheck KEV•added 2025/05/13 12:0 a.m.•4 views

VulnCheck KEV: CVE-2025-4428

Ivanti Endpoint Manager Mobile EPMM contains a code injection vulnerability in the API component that allows an authenticated attacker to remotely execute arbitrary code via crafted API requests. This vulnerability results from an insecure implementation of the Hibernate Validator open-source...

8.8CVSS6.1AI score0.8692EPSS

Exploits10References1

OSV•added 2025/05/07 3:25 p.m.•9 views

GHSA-QV97-5QR8-2266 Mithril snapshots for Cardano database could be compromised by an adversary

Impact Mithril certification of Cardano database The Mithril network provides certification for snapshots of the Cardano database, enabling users to quickly bootstrap a Cardano node without relying on the slower peer-to-peer synchronization process. To generate a multi-signature, a minimum...

4.9CVSS6.9AI score

Exploits0References2

OSV•added 2025/05/01 4:39 a.m.•8 views

MAL-2025-3567 Malicious code in array-length-validator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1eeb8fbe13dcffd2d78c2677d8add867f32dd32725416d8f2f71ff2df0ba6f62 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSSF Malicious Packages•added 2025/05/01 4:39 a.m.•3 views

Malicious code in array-length-validator (npm)

6.9AI score

OSSF Malicious Packages•added 2025/04/30 12:41 p.m.•4 views

Malicious code in express-validator-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 67d1a336f4415ad211b6844d41de64f77697780083624b44fdeb0e5e9d4270ac Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

OSV•added 2025/04/30 12:41 p.m.•2 views

MAL-2025-3551 Malicious code in express-validator-plugin (npm)

CNNVD•added 2025/04/28 12:0 a.m.•3 views

IPW Systems Metazo 安全漏洞

IPW Systems Metazo is an industrial IoT gateway solution from IPW Systems that enables data collection, processing and transmission between field devices and IT systems. A security vulnerability exists in IPW Systems Metazo version 8.1.3 and earlier, which stems from the fact that...

10CVSS6.7AI score0.00647EPSS

Exploits0References2

RedhatCVE•added 2025/04/25 4:27 p.m.•4 views

CVE-2025-24539

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in debounce DeBounce Email Validator debounce-io-email-validator allows Reflected XSS.This issue affects DeBounce Email Validator: from n/a through = 5.6.5...

7.1CVSS5.9AI score0.00235EPSS

OSSF Malicious Packages•added 2025/04/23 4:6 p.m.•2 views

Malicious code in web3-validator (PyPI)

--- -= Per source details. Do not edit below this line.=-...