Lucene search
K

40123 matches found

Packet Storm News
Packet Storm News
added 2026/05/08 12:0 a.m.52 views

Longitudinal Analyses of SAST Tools: A CodeQL Case Study

Open-source software OSS pipelines rely on automated static analysis tools to prevent the introduction of vulnerabilities in code. However, there is limited understanding of the efficacy of these tools across the OSS ecosystem over time. In this paper, we introduce a novel method to evaluate stat...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/11/14 10:1 p.m.12 views

CVE-2025-64753

grist-core is a spreadsheet hosting server. Prior to version 1.7.7, a user with only partial read access to a document could still access endpoints listing hashes for versions of that document and receive a full list of changes between versions, even if those changes contained cells, columns, or...

6.5CVSS6.5AI score0.00219EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.8 views

Malicious code in nextjs-shelljs-centaurus-singularity (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c55363b3a5905f100f53657d0b726caa73dfb097b64c18ebd0409751dc343854 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in procyon-json-dynamo-neutrino (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be2e07823e5cce346b257d22926e479c2d0a207460567f6726c84336674fe59f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in framework-release-it-fornax-non-blocking (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 41b7d00319abd576e303397fbe78c43c769e871f30b6725bd501a0203e38c58f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in got-lynx-greatfilter-betelgeuse (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dfb1e5ae3602ba1d907e123d07c8bb75e62724ff1d8078775eb901682291c03f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in tachyon-asthenosphere-less-loader-dagda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f21c3181d7e1225e94cf6ec96aac89e6b7e7832996548331008eb289be9aa746 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in singularity-kuiperbelt-loopback-fermiparadox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f1afa76f7fe37851e702aa99f703e08b3365b03f94bca78843a30a75678da27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in execute-java-short-cluster-bundle (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e0078f37af1918262289019391ff05bf9d93d02c69489efe7d3c4cd18bc998f1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in readable-ophiuchus-markdownlint-colors (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 84f23c5a0ba600a532021dcbd3268280484ff7155d1db4a995258e9d23bca9b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in yaml-iota-jasmine-norma (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e8425bb6b7f07910bd25a68dfefcdb32430f54afe0d64a10bd237cf2ec705796 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in radiometric-vega-element-ui-oortcloud (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1260fed5837dd3c43bd4ecea72add038d82fbcf75ec543f03ca004f630806fc5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in phoebe-petrology-sirius-fermiparadox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f897ff38dbb81fa575193bde8868cfa42159ce1bb70838cfe850d7c349b77de This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in load-fire-balance-try-old (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ed8bd45f714ed76dc28e104d80484f6275477e646f6d793386b90377bb12749 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in zeta-cold-notify-fire-easy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 77229f2590e999b50f84151be215aed98544f5d472493de435539a1fb1794260 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in entanglement-pino-lint-innercore (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5bae11fcd1d834d151b4d2a4fabd47aea93d666ed6b8a38c767ddbcfe35e8ab8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in java-theta-theta-zero-static (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector de583b65b57ab9087f465b92bd3ee216f6f2f543c1cddc1d8ae174441f641f89 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.4 views

Malicious code in oauth-zenobia-mechatronics-sirius (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 09a302ded4491038396a7065140b8b3fd0cb60afdd87d680b8a4d45bbf1a26e8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in ganymede-volcanology-meteor-andromeda (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 439f5aeded04421261b5e44959256e95a019859e49ea507d43c2521ec92cdfb9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in server-filament-framework-css-minimizer-webpack-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 358fa0dd87122948b061c1340cb9ff978517012369a5031ba9ed47b043345bc8 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder