148 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ubifs: A fix was made to increment the reference count of a page once it is set as private. The MM structure defines a rule 1 very clearly: once a page is marked with the PGprivate flag, the reference count of that page should be...
Astra Linux - уязвимость в vim
“Buffer over-reading” in the grabfilename function in the GitHub repository’s Vim/Vim version prior to 8.2.4956. This vulnerability could cause the software to crash, lead to memory modifications, and may allow for remote execution...
Astra Linux - уязвимость в xorg-server, xwayland
A heap-based buffer overflow vulnerability was discovered in the X.org server’s ProcXIPassiveGrabDevice function. This issue occurs when length values that are swapped in bytes are used in responses, potentially leading to memory leakage and segmentation faults, especially when triggered by a...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fs/namespace: The reference leak in grabrequestedmntns has been fixed. lookupmntns already takes a reference to mntns. grabrequestedmntns does not need to take an additional reference...
Malicious code in chai-grab (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c59ae1d48ae982c1945929febb9d9c184264443d2d93c3f187a42813efbeae89 The package chai-grab was found to contain malicious code. Source: ghsa-malware da21a86e003e8f1a127a9431ea7b49004f0f142dc8f619b04adc74000f145cae Any...
MAL-2026-720 Malicious code in chai-grab (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c59ae1d48ae982c1945929febb9d9c184264443d2d93c3f187a42813efbeae89 The package chai-grab was found to contain malicious code. Source: ghsa-malware da21a86e003e8f1a127a9431ea7b49004f0f142dc8f619b04adc74000f145cae Any...
Malicious Package
Overview chai-grab is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
SUSE CVE-2025-68300
In the Linux kernel, the following vulnerability has been resolved: fs/namespace: fix reference leak in grabrequestedmntns lookupmntns already takes a reference on mntns. grabrequestedmntns doesn't need to take an extra reference...
CVE-2025-52582
CVE-2025-52582 describes an out-of-bounds read vulnerability in the Grassroot DICOM 3.024 package, specifically in the function Overlay::GrabOverlayFromPixelData . A specially crafted DICOM file can cause an information leak. The available connected documents identify the affected component and t...
CVE-2025-68300
In the Linux kernel, the following vulnerability has been resolved: fs/namespace: fix reference leak in grabrequestedmntns lookupmntns already takes a reference on mntns. grabrequestedmntns doesn't need to take an extra reference...
UBUNTU-CVE-2025-68300
In the Linux kernel, the following vulnerability has been resolved: fs/namespace: fix reference leak in grabrequestedmntns lookupmntns already takes a reference on mntns. grabrequestedmntns doesn't need to take an extra reference...
Linux Distros Unpatched Vulnerability : CVE-2025-68300
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/namespace: fix reference leak in grabrequestedmntns lookupmntns already takes a reference on mntns. grabrequestedmntns doesn't need to take an extra referenc...
CLSA-2025-1763651916 xorg-x11-server-Xwayland: Fix of 4 CVEs
CVE-2023-1393: fix use-after-free in compositor overlay window by clearing dangling COW pointer - CVE-2024-31080: prevent heap over-read in ProcXIGetSelectedEvents caused by using byte-swapped length values in replies. - CVE-2024-31081: fix buffer over-read in ProcXIPassiveGrabDevice by using...
EUVD-2024-23259
Malicious code in bioql PyPI...
EUVD-2023-51940
Malicious code in bioql PyPI...
EUVD-2023-51939
Malicious code in bioql PyPI...
EUVD-2025-19840
Malicious code in bioql PyPI...
CVE-2023-53236
In the Linux kernel, the following vulnerability has been resolved: iommufd: Do not corrupt the pfn list when doing batch carry If batch-end is 0 then setting npfns0 before computing the new value of pfns will fail to adjust the pfn and result in various page accounting corruptions. It should be...
CVE-2023-53236
The CVE-2023-53236 entry pertains to the Linux kernel (iommufd) and is described as resolved. The root cause is improper ordering when batch carrying PFNs (batch->end == 0, setting npfns[0] before updating pfns leads to incorrect PFN adjustments). This can cause various page meta-data corrupti...
MAL-2025-41388 Malicious code in grab-service-worker (npm)
The package communicates with a domain associated with malicious activity...