7605 matches found

OSV
added 2025/09/09 4:34 p.m., 0 views

MAL-2025-47042 Malicious code in @oneaudi/current-carline-service (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2b77e10b2c8fadd6564fa2d63929c857354fa99ea046ea16c534546016899926 Any computer that has this package installed or running should be considered...

AI score: 6.8
Exploits: 0, References: 5

CNNVD
added 2025/09/09 12:00 a.m., 2 views

Adobe Substance3D Viewer Buffer Error Vulnerability

Adobe Substance3D Viewer is a stand-alone desktop application from the US company Adobe for viewing and editing 3D files. Adobe Substance3D Viewer suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the current user's environment...

CVSS: 7.8, AI score: 7.8, EPSS: 0.00043
Exploits: 0, References: 1

CNNVD
added 2025/09/09 12:00 a.m., 1 view

Adobe Substance3D Modeler Resource Management Error Vulnerability

Adobe Substance3D Modeler is a 3D modeling software from the American company Adobe. A code execution vulnerability exists in Adobe Substance3D Modeler, which can be exploited by an attacker to execute arbitrary code in the context of the current user...

CVSS: 7.8, AI score: 7.9, EPSS: 0.00057
Exploits: 0, References: 1

OSSF Malicious Packages
added 2025/09/05 5:10 p.m., 3 views

Malicious code in cage-farm-current (npm)

The package cage-farm-current was found to contain malicious code...

AI score: 7
Exploits: 0

OSV
added 2025/09/05 5:10 p.m., 1 view

MAL-2025-43684 Malicious code in cage-farm-current (npm)

The package cage-farm-current was found to contain malicious code...

AI score: 7
Exploits: 0

Microsoft CVE
added 2025/09/04 3:26 a.m., 6 views

envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.

...

CVSS: 6.9, AI score: 7, EPSS: 0.00197
Exploits: 4

OpenVAS
added 2025/09/01 12:00 a.m., 3 views

Slackware: Security Advisory (SSA:2025-242-01)

The remote host is missing an update for the...

CVSS: 8.5, AI score: 6.8, EPSS: 0.00034
Exploits: 1, References: 3

Slackware Linux
added 2025/08/30 10:41 p.m., 4 views

[slackware-security] udisks2

New udisks2 packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/udisks2-2.9.4-i586-2slack15.0.txz: Rebuilt. This update fixes a security issue where an attacker can cause the UDisks daemon to cras...

CVSS: 8.5, AI score: 6.5, EPSS: 0.00034
Exploits: 1

RedhatCVE
added 2025/08/30 6:16 p.m., 3 views

CVE-2024-39335

Supported versions of Mahara 24.04 before 24.04.1 and 23.04 before 23.04.6 are vulnerable to information being disclosed to an institution administrator under certain conditions via the 'Current submissions' page: Administration - Groups - Submissions...

CVSS: 9.1, AI score: 6.7, EPSS: 0.00074
Exploits: 0, References: 1

Vulnrichment
added 2025/08/30 1:49 p.m., 1 view

CVE-2010-10017 WM Downloader 3.1.2.2 Buffer Overflow via Malformed M3U File

WM Downloader version 3.1.2.2 is vulnerable to a buffer overflow when processing a specially crafted .m3u playlist file. The application fails to properly validate input length, allowing an attacker to overwrite structured exception handler (SEH) records and execute arbitrary code. Exploitation...

CVSS: 8.4, AI score: 7.2, EPSS: 0.10893
Exploits: 0, References: 5

Positive Technologies
added 2025/08/30 12:00 a.m., 2 views

PT-2025-35369

Name of the Vulnerable Software and Affected Versions: WM Downloader version 3.1.2.2
Description: WM Downloader version 3.1.2.2 is susceptible to a buffer overflow when handling a crafted .m3u playlist file. Insufficient input length validation allows overwriting of structured exception handler S...

CVSS: 8.4, AI score: 7.5, EPSS: 0.10893
Exploits: 0, References: 7

Tenable Nessus
added 2025/08/30 12:00 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2025-4215

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in gorhill uBlock Origin up to 1.63.3b16. It has been classified as problematic. Affected is the function currentStateChanged of the...

CVSS: 3.7, AI score: 4, EPSS: 0.0134
Exploits: 1, References: 2

Tenable Nessus
added 2025/08/27 12:00 a.m., 1 view

Linux Distros Unpatched Vulnerability : CVE-2025-30673

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sub::HandlesVia for Perl before 0.050002 allows untrusted code from the current working directory '.' to be loaded similar to CVE-2016-1238. If an attacker can...

CVSS: 6.5, AI score: 7, EPSS: 0.00441
Exploits: 0, References: 2

OpenVAS
added 2025/08/27 12:00 a.m., 2 views

Mahara 24.04 < 24.04.1, 23.04 < 23.04.6 Information Disclosure Vulnerability

Mahara is prone to an information disclosure vulnerability. CPE = "cpe:/a:mahara:mahara"; if...

CVSS: 9.1, AI score: 6.5, EPSS: 0.00074
Exploits: 0, References: 1

Tenable Nessus
added 2025/08/27 12:00 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2021-21237

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Git LFS is a command line extension for managing large files with Git. On Windows, if Git LFS operates on a malicious repository with a git.bat or git.exe file ...

CVSS: 10, AI score: 8.4, EPSS: 0.92929
Exploits: 14, References: 2

Tenable Nessus
added 2025/08/27 12:00 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2019-7653

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code...

CVSS: 9.8, AI score: 8.2, EPSS: 0.00785
Exploits: 1, References: 2

NVD
added 2025/08/26 3:15 p.m., 2 views

CVE-2024-39335

Supported versions of Mahara 24.04 before 24.04.1 and 23.04 before 23.04.6 are vulnerable to information being disclosed to an institution administrator under certain conditions via the 'Current submissions' page: Administration - Groups - Submissions...

CVSS: 9.1, EPSS: 0.00074
Exploits: 0, References: 2

OSV
added 2025/08/26 3:15 p.m., 2 views

CVE-2024-39335

Supported versions of Mahara 24.04 before 24.04.1 and 23.04 before 23.04.6 are vulnerable to information being disclosed to an institution administrator under certain conditions via the 'Current submissions' page: Administration - Groups - Submissions...

CVSS: 9.1, AI score: 5.8
Exploits: 0, References: 2

Cvelist
added 2025/08/26 12:00 a.m., 5 views

CVE-2024-39335

Supported versions of Mahara 24.04 before 24.04.1 and 23.04 before 23.04.6 are vulnerable to information being disclosed to an institution administrator under certain conditions via the 'Current submissions' page: Administration - Groups - Submissions...

EPSS: 0.00074
Exploits: 0, References: 2

Vulnrichment
added 2025/08/26 12:00 a.m., 3 views

CVE-2024-39335

Supported versions of Mahara 24.04 before 24.04.1 and 23.04 before 23.04.6 are vulnerable to information being disclosed to an institution administrator under certain conditions via the 'Current submissions' page: Administration - Groups - Submissions...

AI score: 6.2, EPSS: 0.00074
Exploits: 0, References: 2