Lucene search
K

33544 matches found

Snyk
Snyk
•added 2026/04/14 3:16 p.m.•4 views

Directory Traversal

Overview librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to Directory Traversal via the nfsen parameter in the nfsen.inc.php file. An attacker can execute arbitrary PHP code by...

8.7CVSS6.5AI score0.00265EPSS
Exploits1References2
Snyk
Snyk
•added 2026/04/14 3:11 p.m.•5 views

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow in the profiling.sampling module of asyncio introspection capabilities feature when a privileged process connects to a malicious process via the remote debugging tool. An attacker can read and write memory...

6CVSS6AI score0.00132EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/14 12:31 p.m.•6 views

Authorization Bypass Through User-Controlled Key

Overview @samanhappy/mcphub is an A hub server for mcp servers Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the authentication process. An attacker can gain unauthorized access to user accounts and perform actions with elevated privileges...

5.4CVSS5.8AI score0.00353EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/14 12:12 p.m.•6 views

Malicious Package

Overview tailwindcss-style-typography is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 12:12 p.m.•5 views

HTTP Request Smuggling

Overview org.eclipse.jetty:jetty-http is an is a http module for jetty server. Affected versions of this package are vulnerable to HTTP Request Smuggling in the HTTP/1.1 parser HttpParser.java. An attacker can inject additional HTTP requests with chunked transfer encoding with improperly terminat...

9.1CVSS5.7AI score0.01127EPSS
Exploits1References2
Snyk
Snyk
•added 2026/04/14 12:1 p.m.•7 views

Malicious Package

Overview tailwind-typ is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:52 a.m.•4 views

Malicious Package

Overview tailwind-stylecss-typography is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:48 a.m.•7 views

Malicious Package

Overview chai-as-refined is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•6 views

Malicious Package

Overview node-unpnotifyserv is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•4 views

Malicious Package

Overview pt-sc-logger is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•3 views

Malicious Package

Overview pt-sc-demo-app is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•6 views

Malicious Package

Overview ui-utils-udhay-alerts is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•4 views

Malicious Package

Overview okfe-serverless-conf is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•5 views

Malicious Package

Overview apmfe is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•6 views

Malicious Package

Overview gprofiler is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•5 views

Malicious Package

Overview chatbotloader is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•7 views

Malicious Package

Overview okxglobal is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•5 views

Malicious Package

Overview okx-nav is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•6 views

Malicious Package

Overview okx-data is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•8 views

Malicious Package

Overview pinlogger is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•7 views

Malicious Package

Overview pinstatsd is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•6 views

Malicious Package

Overview okassistant is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•7 views

Malicious Package

Overview bytefrontier-sdk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•3 views

Malicious Package

Overview use-form-builder-plugin is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•4 views

Malicious Package

Overview vv-ftend-core is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•7 views

Malicious Package

Overview one-sdui is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•6 views

Malicious Package

Overview ms-affiliate-links is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•7 views

Malicious Package

Overview use-feature-flags-plugin is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•7 views

Malicious Package

Overview partner-tracker-api is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•4 views

Malicious Package

Overview bytefrontier-core is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•7 views

Malicious Package

Overview bytefrontier-tracker is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•5 views

Malicious Package

Overview bytefrontier is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•6 views

Malicious Package

Overview partner-tracker is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•5 views

Malicious Package

Overview billing-paywidget is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•4 views

Malicious Package

Overview bytefrontier-api is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•8 views

Malicious Package

Overview vv-ftend-api is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•5 views

Malicious Package

Overview bytefrontier-partner is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•7 views

Malicious Package

Overview vip-landing is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•8 views

Malicious Package

Overview onewin-landing is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:47 a.m.•3 views

Malicious Package

Overview one-translations is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:38 a.m.•11 views

Malicious Package

Overview tailwind-lines-clamp is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:37 a.m.•6 views

Malicious Package

Overview seaport-core-16 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:37 a.m.•5 views

Malicious Package

Overview babel-plugin-blocks is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:37 a.m.•6 views

Malicious Package

Overview pubnub-element is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:37 a.m.•5 views

Malicious Package

Overview markdownlint-rule-link-pattern is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and thi...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:31 a.m.•4 views

Malicious Package

Overview magentaa11y is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 11:31 a.m.•5 views

Malicious Package

Overview percy-cake-docker is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
Snyk
Snyk
•added 2026/04/14 9:14 a.m.•5 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal in ExtractEmbeddedFiles. An attacker can write files to arbitrary locations outside the intended directory by crafting malicious PDF files that exploit improper handling of file path separators. Note: This issue...

6.5CVSS6.3AI score0.00886EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/14 4:4 a.m.•8 views

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the getHostByName function in the v2 template engine. An attacker can cause sensitive data to be disclosed by crafting or updating templated resources that trigger DNS queries containing secret-derived values fr...

7.1CVSS5.7AI score0.00262EPSS
Exploits0References2
Snyk
Snyk
•added 2026/04/14 1:11 a.m.•5 views

Directory Traversal

Overview gdown is a Google Drive Public File/Folder Downloader Affected versions of this package are vulnerable to Directory Traversal via the extractall function. An attacker can overwrite arbitrary files on the file system by supplying a maliciously crafted ZIP or TAR archive containing path...

7.8CVSS6.3AI score0.00575EPSS
Exploits1References2
Total number of security vulnerabilities33544