730 matches found
Malicious code in coin-address-validation (npm)
Source: ghsa-malware (2ceac65952acb06089cb8040976813b0ada891dc03e9728a0daff8b9e6242708). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2748 Malicious code in coin-address-validation (npm)
Source: ghsa-malware (2ceac65952acb06089cb8040976813b0ada891dc03e9728a0daff8b9e6242708). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
SUSE CVE-2023-53019
In the Linux kernel, the following vulnerability has been resolved: net: mdio: validate parameter addr in mdiobus_get_phy(). The caller may pass any value as addr, which may result in an out-of-bounds access to array mdio_map. One existing case is stmmac_init_phy that may pass -1 as addr. Therefore valida...
UBUNTU-CVE-2023-53019
In the Linux kernel, the following vulnerability has been resolved: net: mdio: validate parameter addr in mdiobus_get_phy(). The caller may pass any value as addr, which may result in an out-of-bounds access to array mdio_map. One existing case is stmmac_init_phy that may pass -1 as addr. Therefore valida...
CVE-2023-53019 net: mdio: validate parameter addr in mdiobus_get_phy()
In the Linux kernel, the following vulnerability has been resolved: net: mdio: validate parameter addr in mdiobus_get_phy(). The caller may pass any value as addr, which may result in an out-of-bounds access to array mdio_map. One existing case is stmmac_init_phy that may pass -1 as addr. Therefore valida...
SUSE-SU-2025:0869-1 Security update for python
This update for python fixes the following issues: - CVE-2024-11168: Fixed improper validation of IPv6 and IPvFuture addresses (bsc#1233307)...
SUSE CVE-2025-22952
elestio memos v0.23.0 is vulnerable to Server-Side Request Forgery (SSRF) due to insufficient validation of user-supplied URLs, which can be exploited to perform SSRF attacks...
WordPress plugin Gtbabel security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
Linux Distros Unpatched Vulnerability : CVE-2006-4023
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ip2long function in PHP 5.1.4 and earlier may incorrectly validate an arbitrary string and return a valid network IP address, which allows remote attackers ...
CVE-2022-49318
In the Linux kernel, the following vulnerability has been resolved: f2fs: remove WARN_ON in f2fs_is_valid_blkaddr. Syzbot triggers two WARNs in f2fs_is_valid_blkaddr and __is_bitmap_valid. For example, in f2fs_is_valid_blkaddr, if type is DATA_GENERIC_ENHANCE or DATA_GENERIC_ENHANCE_READ, it invokes WARN_ON if blkadd...
DEBIAN-CVE-2022-49318
In the Linux kernel, the following vulnerability has been resolved: f2fs: remove WARN_ON in f2fs_is_valid_blkaddr. Syzbot triggers two WARNs in f2fs_is_valid_blkaddr and __is_bitmap_valid. For example, in f2fs_is_valid_blkaddr, if type is DATA_GENERIC_ENHANCE or DATA_GENERIC_ENHANCE_READ, it invokes WARN_ON if blkadd...
CVE-2022-49363
CVE-2022-49363 – Linux kernel (F2FS): A bug in the F2FS file system allowed a panic due to inconsistent inode SIT/block mapping after fuzzing, fixed by adding a sanity check on block addresses before updating the SIT table in f2fs_fallocate/f2fs_do_zero_range. Affected component is the F2FS imple...
CVE-2022-49318 f2fs: remove WARN_ON in f2fs_is_valid_blkaddr
In the Linux kernel, the following vulnerability has been resolved: f2fs: remove WARN_ON in f2fs_is_valid_blkaddr. Syzbot triggers two WARNs in f2fs_is_valid_blkaddr and __is_bitmap_valid. For example, in f2fs_is_valid_blkaddr, if type is DATA_GENERIC_ENHANCE or DATA_GENERIC_ENHANCE_READ, it invokes WARN_ON if blkadd...
CVE-2022-49067
CVE-2022-49067 is about a Linux kernel issue where virt_addr_valid() incorrectly returned true for vmalloc addresses in 64-bit Book3E (and related 32-bit behavior). Investigations across multiple advisories (NVD, Red Hat, Debian OSV, Unity/NASL/Nessus plugins) describe the root cause: __pa() can ...
Liman MYS input validation error vulnerability
Liman MYS is a port center management system from Liman MYS open source. An input validation error vulnerability exists in versions of Liman MYS prior to 2.1.1-1010 that stems from not properly validating URL input. An attacker could exploit the vulnerability to redirect users to a malicious site...
CVE-2024-1739
lunary-ai/lunary is vulnerable to an authentication issue due to improper validation of email addresses during the signup process. Specifically, the server fails to treat email addresses as case insensitive, allowing the creation of multiple accounts with the same email address by varying the cas...
CVE-2024-8957
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntp_addr configuration value which may lead to arbitrary command execution when ntp_client is started. When chained with CVE-2024-8956, a remote and...
The vulnerability of the NWS_PF_setMacAddrExceptionIP handler of the NetworkingService service in the Mercedes-Benz User Experience (MBUX) system allows a hacker to execute arbitrary commands.
The vulnerability of the NWS_PF_setMacAddrExceptionIP handler of the NetworkingService service in the Mercedes-Benz User Experience (MBUX) system is related to insufficient validation of input data during MAC address processing. Exploiting this vulnerability can allow an attacker to execute arbitrary...
PT-2025-1230 · Mercedes Benz · Mbux +1
Name of the Vulnerable Software and Affected Versions: Mercedes-Benz head-unit NTG6. Description: The issue is related to the Mercedes-Benz head-unit NTG6, which has Ethernet pins on the Base Board to connect the module CSB. An attacker can connect to these pins and gain access to the internal...
SUSE CVE-2024-56374
An issue was discovered in Django 5.1 before 5.1.5, 5.0 before 5.0.11, and 4.2 before 4.2.18. Lack of upper-bound limit enforcement in strings passed when performing IPv6 validation could lead to a potential denial-of-service attack. The undocumented and private functions clean_ipv6_address and...