Multiple malicious nmp packages (backdoors)
| Risk | High |
| Patch available | NO |
| Number of vulnerabilities | 71 |
| CVE-ID | N/A |
| CWE-ID | CWE-506 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
babel-laoder Web applications / Modules and components for CMS bitconid-rpc Web applications / Modules and components for CMS bitcoisnj-lib Web applications / Modules and components for CMS bp66 Web applications / Modules and components for CMS bpi39 Web applications / Modules and components for CMS bitcroe-lib Web applications / Modules and components for CMS bitconijs-lib Web applications / Modules and components for CMS bpi66 Web applications / Modules and components for CMS bs58chek Web applications / Modules and components for CMS bs58chcek Web applications / Modules and components for CMS bs58chekc Web applications / Modules and components for CMS bs85 Web applications / Modules and components for CMS bs85check Web applications / Modules and components for CMS coinpayment Web applications / Modules and components for CMS bsae-x Web applications / Modules and components for CMS cionstring Web applications / Modules and components for CMS colne Web applications / Modules and components for CMS coinstirng Web applications / Modules and components for CMS coinstrng Web applications / Modules and components for CMS coinstrig Web applications / Modules and components for CMS commanedr Web applications / Modules and components for CMS conistring Web applications / Modules and components for CMS commandre Web applications / Modules and components for CMS crytpo-js Web applications / Modules and components for CMS crpyto-js Web applications / Modules and components for CMS dhkey Web applications / Modules and components for CMS degbu Web applications / Modules and components for CMS cxt Web applications / Modules and components for CMS ecuvre Web applications / Modules and components for CMS fs-extar Web applications / Modules and components for CMS ecruve Web applications / Modules and components for CMS hw-trnasport-u2f Web applications / Modules and components for CMS hdeky Web applications / Modules and components for CMS hdkye Web applications / Modules and components for CMS path-to-regxep Web applications / Modules and components for CMS ripedm160 Web applications / Modules and components for CMS riped160 Web applications / Modules and components for CMS rceat Web applications / Modules and components for CMS scryptys Web applications / Modules and components for CMS sb58 Web applications / Modules and components for CMS ripmed160 Web applications / Modules and components for CMS scrytsy Web applications / Modules and components for CMS signqle Web applications / Modules and components for CMS siganle Web applications / Modules and components for CMS wallet-address-validtaor Web applications / Modules and components for CMS wallet-address-vaildator Web applications / Modules and components for CMS singale Web applications / Modules and components for CMS wbe3 Web applications / Modules and components for CMS we3b Web applications / Modules and components for CMS web3-eht Web applications / Modules and components for CMS lodahs Web applications / Modules and components for CMS babel-loadre Web applications / Modules and components for CMS babel-loqder Web applications / Modules and components for CMS baes-x Web applications / Modules and components for CMS bcion Web applications / Modules and components for CMS bconi Web applications / Modules and components for CMS bictoin-ops Web applications / Modules and components for CMS bictoind-rpc Web applications / Modules and components for CMS bictoinjs-lib Web applications / Modules and components for CMS bictore-lib Web applications / Modules and components for CMS bip30 Web applications / Modules and components for CMS bitcion-ops Web applications / Modules and components for CMS bitcionjs Web applications / Modules and components for CMS bitcoijns-lib Web applications / Modules and components for CMS bitcoimd-rpc Web applications / Modules and components for CMS bitcoimjs-lib Web applications / Modules and components for CMS bitcoin-osp Web applications / Modules and components for CMS bitcoin-sweep Web applications / Modules and components for CMS bitconi-ops Web applications / Modules and components for CMS cxct Web applications / Modules and components for CMS |
| Vendor |
adam_baldwin nmpjs (fake account) |
Security Bulletin
This security bulletin contains information about 71 vulnerabilities.
1) Embedded malicious code (backdoor)
EUVDB-ID: #VU23298
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbabel-laoder: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1348
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Embedded malicious code (backdoor)
EUVDB-ID: #VU23297
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbitconid-rpc: 1.0.0 - 1.0.1
CPE2.3- cpe:2.3:a:nmpjs_fake_account:bitconid-rpc:1.0.0:*:*:*:*:npm:*:*
- cpe:2.3:a:nmpjs_fake_account:bitconid-rpc:1.0.1:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1369
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Embedded malicious code (backdoor)
EUVDB-ID: #VU23296
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbitcoisnj-lib: 1.0.4 - 1.1.2
CPE2.3- cpe:2.3:a:adam_baldwin:bitcoisnj-lib:1.0.4:*:*:*:*:npm:*:*
- cpe:2.3:a:adam_baldwin:bitcoisnj-lib:1.1.2:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1367
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Embedded malicious code (backdoor)
EUVDB-ID: #VU23295
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbp66: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1372
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Embedded malicious code (backdoor)
EUVDB-ID: #VU23294
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbpi39: 1.0.0 - 1.0.1
CPE2.3- cpe:2.3:a:adam_baldwin:bpi39:1.0.0:*:*:*:*:npm:*:*
- cpe:2.3:a:adam_baldwin:bpi39:1.0.1:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1373
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Embedded malicious code (backdoor)
EUVDB-ID: #VU23293
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbitcroe-lib: 1.0.4 - 8.10.0
CPE2.3- cpe:2.3:a:adam_baldwin:bitcroe-lib:1.0.4:*:*:*:*:npm:*:*
- cpe:2.3:a:adam_baldwin:bitcroe-lib:8.10.0:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1371
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Embedded malicious code (backdoor)
EUVDB-ID: #VU23292
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbitconijs-lib: 1.0.4 - 1.1.2
CPE2.3- cpe:2.3:a:adam_baldwin:bitconijs-lib:1.0.4:*:*:*:*:npm:*:*
- cpe:2.3:a:adam_baldwin:bitconijs-lib:1.1.2:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1370
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Embedded malicious code (backdoor)
EUVDB-ID: #VU23291
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbpi66: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1374
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Embedded malicious code (backdoor)
EUVDB-ID: #VU23290
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbs58chek: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1376
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Embedded malicious code (backdoor)
EUVDB-ID: #VU23289
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbs58chcek: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1375
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Embedded malicious code (backdoor)
EUVDB-ID: #VU23288
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbs58chekc: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1377
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Embedded malicious code (backdoor)
EUVDB-ID: #VU23287
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbs85: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1378
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Embedded malicious code (backdoor)
EUVDB-ID: #VU23286
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbs85check: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1379
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
14) Embedded malicious code (backdoor)
EUVDB-ID: #VU23285
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionscoinpayment: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1382
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
15) Embedded malicious code (backdoor)
EUVDB-ID: #VU23284
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbsae-x: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1380
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
16) Embedded malicious code (backdoor)
EUVDB-ID: #VU23283
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionscionstring: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1381
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
17) Embedded malicious code (backdoor)
EUVDB-ID: #VU23282
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionscolne: 1.0.4 - 2.1.0
CPE2.3- cpe:2.3:a:adam_baldwin:colne:1.0.4:*:*:*:*:npm:*:*
- cpe:2.3:a:adam_baldwin:colne:2.1.0:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1386
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
18) Embedded malicious code (backdoor)
EUVDB-ID: #VU23281
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionscoinstirng: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1383
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
19) Embedded malicious code (backdoor)
EUVDB-ID: #VU23280
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionscoinstrng: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1385
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
20) Embedded malicious code (backdoor)
EUVDB-ID: #VU23279
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionscoinstrig: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1384
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
21) Embedded malicious code (backdoor)
EUVDB-ID: #VU23278
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionscommanedr: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1388
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
22) Embedded malicious code (backdoor)
EUVDB-ID: #VU23277
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsconistring: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1389
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
23) Embedded malicious code (backdoor)
EUVDB-ID: #VU23276
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionscommandre: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1387
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
24) Embedded malicious code (backdoor)
EUVDB-ID: #VU23275
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionscrytpo-js: 1.0.0 - 1.0.4
CPE2.3- cpe:2.3:a:adam_baldwin:crytpo-js:1.0.0:*:*:*:*:npm:*:*
- cpe:2.3:a:adam_baldwin:crytpo-js:1.0.4:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1391
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
25) Embedded malicious code (backdoor)
EUVDB-ID: #VU23274
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionscrpyto-js: 1.0.0 - 1.0.4
CPE2.3- cpe:2.3:a:adam_baldwin:crpyto-js:1.0.0:*:*:*:*:npm:*:*
- cpe:2.3:a:adam_baldwin:crpyto-js:1.0.4:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1390
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
26) Embedded malicious code (backdoor)
EUVDB-ID: #VU23273
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsdhkey: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1394
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
27) Embedded malicious code (backdoor)
EUVDB-ID: #VU23272
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsdegbu: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1393
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
28) Embedded malicious code (backdoor)
EUVDB-ID: #VU23271
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionscxt: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1392
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
29) Embedded malicious code (backdoor)
EUVDB-ID: #VU23270
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsecuvre: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1396
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
30) Embedded malicious code (backdoor)
EUVDB-ID: #VU23269
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsfs-extar: 1.0.1
CPE2.3 External linkshttps://www.npmjs.com/advisories/1397
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
31) Embedded malicious code (backdoor)
EUVDB-ID: #VU23268
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsecruve: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1395
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
32) Embedded malicious code (backdoor)
EUVDB-ID: #VU23267
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionshw-trnasport-u2f: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1400
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
33) Embedded malicious code (backdoor)
EUVDB-ID: #VU23266
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionshdeky: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1398
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
34) Embedded malicious code (backdoor)
EUVDB-ID: #VU23265
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionshdkye: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1399
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
35) Embedded malicious code (backdoor)
EUVDB-ID: #VU23264
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionspath-to-regxep: 1.0.0 - 1.0.4
CPE2.3- cpe:2.3:a:nmpjs_fake_account:path-to-regxep:1.0.0:*:*:*:*:npm:*:*
- cpe:2.3:a:nmpjs_fake_account:path-to-regxep:1.0.4:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1401
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
36) Embedded malicious code (backdoor)
EUVDB-ID: #VU23263
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsripedm160: 1.0.4 - 2.0.2
CPE2.3- cpe:2.3:a:nmpjs_fake_account:ripedm160:1.0.4:*:*:*:*:npm:*:*
- cpe:2.3:a:nmpjs_fake_account:ripedm160:2.0.2:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1404
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
37) Embedded malicious code (backdoor)
EUVDB-ID: #VU23262
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsriped160: 1.0.4 - 2.0.3
CPE2.3- cpe:2.3:a:nmpjs_fake_account:riped160:1.0.4:*:*:*:*:npm:*:*
- cpe:2.3:a:nmpjs_fake_account:riped160:1.1.2:*:*:*:*:npm:*:*
- cpe:2.3:a:nmpjs_fake_account:riped160:2.0.2:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1403
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
38) Embedded malicious code (backdoor)
EUVDB-ID: #VU23261
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsrceat: 1.0.0 - 1.0.5
CPE2.3- cpe:2.3:a:nmpjs_fake_account:rceat:1.0.0:*:*:*:*:npm:*:*
- cpe:2.3:a:nmpjs_fake_account:rceat:1.0.3:*:*:*:*:npm:*:*
- cpe:2.3:a:nmpjs_fake_account:rceat:1.0.4:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1402
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
39) Embedded malicious code (backdoor)
EUVDB-ID: #VU23260
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsscryptys: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1407
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
40) Embedded malicious code (backdoor)
EUVDB-ID: #VU23259
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionssb58: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1406
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
41) Embedded malicious code (backdoor)
EUVDB-ID: #VU23258
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsripmed160: 1.0.4 - 2.0.2
CPE2.3- cpe:2.3:a:nmpjs_fake_account:ripmed160:1.0.4:*:*:*:*:npm:*:*
- cpe:2.3:a:nmpjs_fake_account:ripmed160:2.0.2:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1405
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
42) Embedded malicious code (backdoor)
EUVDB-ID: #VU23257
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsscrytsy: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1408
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
43) Embedded malicious code (backdoor)
EUVDB-ID: #VU23256
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionssignqle: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1410
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
44) Embedded malicious code (backdoor)
EUVDB-ID: #VU23255
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionssiganle: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1409
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
45) Embedded malicious code (backdoor)
EUVDB-ID: #VU23254
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionswallet-address-validtaor: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1413
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
46) Embedded malicious code (backdoor)
EUVDB-ID: #VU23253
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionswallet-address-vaildator: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1412
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
47) Embedded malicious code (backdoor)
EUVDB-ID: #VU23252
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionssingale: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1411
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
48) Embedded malicious code (backdoor)
EUVDB-ID: #VU23251
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionswbe3: 1.0.0 - 1.0.4
CPE2.3- cpe:2.3:a:nmpjs_fake_account:wbe3:1.0.0:*:*:*:*:npm:*:*
- cpe:2.3:a:nmpjs_fake_account:wbe3:1.0.1:*:*:*:*:npm:*:*
- cpe:2.3:a:nmpjs_fake_account:wbe3:1.0.2:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1414
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
49) Embedded malicious code (backdoor)
EUVDB-ID: #VU23250
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionswe3b: 1.0.3 - 1.0.4
CPE2.3- cpe:2.3:a:nmpjs_fake_account:we3b:1.0.3:*:*:*:*:npm:*:*
- cpe:2.3:a:nmpjs_fake_account:we3b:1.0.4:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1415
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
50) Embedded malicious code (backdoor)
EUVDB-ID: #VU23249
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsweb3-eht: 1.0.3 - 1.0.4
CPE2.3- cpe:2.3:a:nmpjs_fake_account:web3-eht:1.0.3:*:*:*:*:npm:*:*
- cpe:2.3:a:nmpjs_fake_account:web3-eht:1.0.4:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1416
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
51) Embedded malicious code (backdoor)
EUVDB-ID: #VU23248
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionslodahs: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1417
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
52) Embedded malicious code (backdoor)
EUVDB-ID: #VU23316
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbabel-loadre: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1349
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
53) Embedded malicious code (backdoor)
EUVDB-ID: #VU23315
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbabel-loqder: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1350
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
54) Embedded malicious code (backdoor)
EUVDB-ID: #VU23314
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbaes-x: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1351
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
55) Embedded malicious code (backdoor)
EUVDB-ID: #VU23313
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbcion: 1.0.0 - 1.0.4
CPE2.3- cpe:2.3:a:adam_baldwin:bcion:1.0.0:*:*:*:*:npm:*:*
- cpe:2.3:a:adam_baldwin:bcion:1.0.4:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1352
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
56) Embedded malicious code (backdoor)
EUVDB-ID: #VU23312
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbconi: 1.0.0 - 1.0.5
CPE2.3- cpe:2.3:a:adam_baldwin:bconi:1.0.0:*:*:*:*:npm:*:*
- cpe:2.3:a:adam_baldwin:bconi:1.0.4:*:*:*:*:npm:*:*
- cpe:2.3:a:adam_baldwin:bconi:1.0.5:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1353
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
57) Embedded malicious code (backdoor)
EUVDB-ID: #VU23311
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbictoin-ops: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1354
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
58) Embedded malicious code (backdoor)
EUVDB-ID: #VU23310
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbictoind-rpc: 1.0.0 - 1.0.1
CPE2.3- cpe:2.3:a:adam_baldwin:bictoind-rpc:1.0.0:*:*:*:*:npm:*:*
- cpe:2.3:a:adam_baldwin:bictoind-rpc:1.0.1:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1355
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
59) Embedded malicious code (backdoor)
EUVDB-ID: #VU23309
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbictoinjs-lib: 1.0.0 - 1.1.3
CPE2.3- cpe:2.3:a:adam_baldwin:bictoinjs-lib:1.0.0:*:*:*:*:npm:*:*
- cpe:2.3:a:adam_baldwin:bictoinjs-lib:1.0.1:*:*:*:*:npm:*:*
- cpe:2.3:a:adam_baldwin:bictoinjs-lib:1.0.4:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1356
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
60) Embedded malicious code (backdoor)
EUVDB-ID: #VU23308
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbictore-lib: 1.0.4 - 8.10.0
CPE2.3- cpe:2.3:a:adam_baldwin:bictore-lib:1.0.4:*:*:*:*:npm:*:*
- cpe:2.3:a:adam_baldwin:bictore-lib:8.10.0:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1357
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
61) Embedded malicious code (backdoor)
EUVDB-ID: #VU23307
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbip30: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1358
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
62) Embedded malicious code (backdoor)
EUVDB-ID: #VU23306
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbitcion-ops: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1359
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
63) Embedded malicious code (backdoor)
EUVDB-ID: #VU23305
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbitcionjs: 1.0.4 - 1.1.2
CPE2.3- cpe:2.3:a:adam_baldwin:bitcionjs:1.0.4:*:*:*:*:npm:*:*
- cpe:2.3:a:adam_baldwin:bitcionjs:1.1.2:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1360
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
64) Embedded malicious code (backdoor)
EUVDB-ID: #VU23304
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbitcoijns-lib: 1.0.4 - 1.1.2
CPE2.3- cpe:2.3:a:adam_baldwin:bitcoijns-lib:1.0.4:*:*:*:*:npm:*:*
- cpe:2.3:a:adam_baldwin:bitcoijns-lib:1.1.2:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1362
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
65) Embedded malicious code (backdoor)
EUVDB-ID: #VU23303
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbitcoimd-rpc: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1363
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
66) Embedded malicious code (backdoor)
EUVDB-ID: #VU23302
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbitcoimjs-lib: 1.0.0 - 1.1.3
CPE2.3- cpe:2.3:a:adam_baldwin:bitcoimjs-lib:1.0.0:*:*:*:*:npm:*:*
- cpe:2.3:a:adam_baldwin:bitcoimjs-lib:1.0.1:*:*:*:*:npm:*:*
- cpe:2.3:a:adam_baldwin:bitcoimjs-lib:1.0.4:*:*:*:*:npm:*:*
https://www.npmjs.com/advisories/1364
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
67) Embedded malicious code (backdoor)
EUVDB-ID: #VU23301
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbitcoin-osp: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1365
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
68) Embedded malicious code (backdoor)
EUVDB-ID: #VU23300
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbitcoin-sweep: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1366
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
69) Embedded malicious code (backdoor)
EUVDB-ID: #VU23299
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionsbitconi-ops: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1368
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
70) Embedded malicious code (backdoor)
EUVDB-ID: #VU23317
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionscxct: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1344
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
71) Embedded malicious code (backdoor)
EUVDB-ID: #VU23318
Risk: High
CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: N/A
CWE-ID:
CWE-506 - Embedded Malicious Code
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versionscxct: 1.0.0
CPE2.3 External linkshttps://www.npmjs.com/advisories/1344
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
