Multiple malicious nmp packages (backdoors)

Published: 2019-12-03 | Updated: 2019-12-03
Severity High
Patch available NO
Number of vulnerabilities 71
CVE ID N/A
CWE ID CWE-506
Exploitation vector Network
Public exploit N/A
Vulnerable software babel-laoder Subscribe
bitconid-rpc
bitcoisnj-lib
bp66
bpi39
bitcroe-lib
bitconijs-lib
bpi66
bs58chek
bs58chcek
bs58chekc
bs85
bs85check
coinpayment
bsae-x
cionstring
colne
coinstirng
coinstrng
coinstrig
commanedr
conistring
commandre
crytpo-js
crpyto-js
dhkey
degbu
cxt
ecuvre
fs-extar
ecruve
hw-trnasport-u2f
hdeky
hdkye
path-to-regxep
ripedm160
riped160
rceat
scryptys
sb58
ripmed160
scrytsy
signqle
siganle
wallet-address-validtaor
wallet-address-vaildator
singale
wbe3
we3b
web3-eht
lodahs
babel-loadre
babel-loqder
baes-x
bcion
bconi
bictoin-ops
bictoind-rpc
bictoinjs-lib
bictore-lib
bip30
bitcion-ops
bitcionjs
bitcoijns-lib
bitcoimd-rpc
bitcoimjs-lib
bitcoin-osp
bitcoin-sweep
bitconi-ops
cxct
Vendor adam_baldwin
nmpjs (fake account)

Security Advisory

1) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

babel-laoder: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1348

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bitconid-rpc: 1.0.0, 1.0.1

CPE External links

https://www.npmjs.com/advisories/1369

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bitcoisnj-lib: 1.0.4, 1.1.2

CPE External links

https://www.npmjs.com/advisories/1367

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bp66: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1372

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bpi39: 1.0.0, 1.0.1

CPE External links

https://www.npmjs.com/advisories/1373

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bitcroe-lib: 1.0.4, 8.10.0

CPE External links

https://www.npmjs.com/advisories/1371

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bitconijs-lib: 1.0.4, 1.1.2

CPE External links

https://www.npmjs.com/advisories/1370

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bpi66: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1374

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bs58chek: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1376

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bs58chcek: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1375

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bs58chekc: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1377

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bs85: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1378

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bs85check: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1379

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

coinpayment: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1382

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bsae-x: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1380

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

cionstring: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1381

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

colne: 1.0.4, 2.1.0

CPE External links

https://www.npmjs.com/advisories/1386

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

coinstirng: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1383

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

coinstrng: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1385

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

coinstrig: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1384

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

commanedr: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1388

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

conistring: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1389

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

commandre: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1387

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

crytpo-js: 1.0.0, 1.0.4

CPE External links

https://www.npmjs.com/advisories/1391

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

crpyto-js: 1.0.0, 1.0.4

CPE External links

https://www.npmjs.com/advisories/1390

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

dhkey: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1394

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

degbu: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1393

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

cxt: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1392

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

ecuvre: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1396

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

fs-extar: 1.0.1

CPE External links

https://www.npmjs.com/advisories/1397

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

ecruve: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1395

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

hw-trnasport-u2f: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1400

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

hdeky: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1398

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

hdkye: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1399

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

path-to-regxep: 1.0.0, 1.0.4

CPE External links

https://www.npmjs.com/advisories/1401

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

ripedm160: 1.0.4, 2.0.2

CPE External links

https://www.npmjs.com/advisories/1404

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

riped160: 1.0.4, 1.1.2, 2.0.2, 2.0.3

CPE External links

https://www.npmjs.com/advisories/1403

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

rceat: 1.0.0, 1.0.3, 1.0.4, 1.0.5

CPE External links

https://www.npmjs.com/advisories/1402

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

scryptys: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1407

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

sb58: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1406

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

ripmed160: 1.0.4, 2.0.2

CPE External links

https://www.npmjs.com/advisories/1405

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

scrytsy: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1408

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

signqle: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1410

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

siganle: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1409

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

wallet-address-validtaor: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1413

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

wallet-address-vaildator: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1412

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

singale: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1411

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

wbe3: 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4

CPE External links

https://www.npmjs.com/advisories/1414

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

we3b: 1.0.3, 1.0.4

CPE External links

https://www.npmjs.com/advisories/1415

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

web3-eht: 1.0.3, 1.0.4

CPE External links

https://www.npmjs.com/advisories/1416

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

lodahs: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1417

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

babel-loadre: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1349

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

babel-loqder: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1350

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

baes-x: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1351

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bcion: 1.0.0, 1.0.4

CPE External links

https://www.npmjs.com/advisories/1352

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bconi: 1.0.0, 1.0.4, 1.0.5

CPE External links

https://www.npmjs.com/advisories/1353

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

57) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bictoin-ops: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1354

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

58) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bictoind-rpc: 1.0.0, 1.0.1

CPE External links

https://www.npmjs.com/advisories/1355

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

59) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bictoinjs-lib: 1.0.0, 1.0.1, 1.0.4, 1.1.0, 1.1.1, 1.1.2, 1.1.3

CPE External links

https://www.npmjs.com/advisories/1356

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

60) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bictore-lib: 1.0.4, 8.10.0

CPE External links

https://www.npmjs.com/advisories/1357

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

61) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bip30: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1358

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

62) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bitcion-ops: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1359

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

63) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bitcionjs: 1.0.4, 1.1.2

CPE External links

https://www.npmjs.com/advisories/1360

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

64) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bitcoijns-lib: 1.0.4, 1.1.2

CPE External links

https://www.npmjs.com/advisories/1362

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

65) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bitcoimd-rpc: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1363

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

66) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bitcoimjs-lib: 1.0.0, 1.0.1, 1.0.4, 1.1.1, 1.1.3

CPE External links

https://www.npmjs.com/advisories/1364

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

67) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bitcoin-osp: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1365

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

68) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bitcoin-sweep: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1366

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

69) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

bitconi-ops: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1368

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

70) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

cxct: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1344

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

71) Embedded malicious code (backdoor)

Severity: High

CVSSv3: 9.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C] [PCI]

CVE-ID: N/A

CWE-ID: CWE-506 - Embedded Malicious Code

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor). A remote attacker can gain compromise the affected system.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

cxct: 1.0.0

CPE External links

https://www.npmjs.com/advisories/1344

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



ImmuniWeb® AI Platform for Application Security Testing