8278 matches found
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code that conceals a credential-stealing payload and worm propagation logic. A malicious actor associated with the "TeamPCP" or "Mini Shai-Hulud" campaign compromised a maintainer's access token; this allowed the...
Updated rclone packages fix security vulnerabilities
This update bring new features, bugs and vulnerabilities fixed in rclone and golang components used to build it...
MGASA-2026-0147 Updated rclone packages fix security vulnerabilities
This update bring new features, bugs and vulnerabilities fixed in rclone and golang components used to build it...
Improper Validation of Array Index
Overview Magick.NET-Q8-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Improper Validation of Array Index
Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
Improper Validation of Array Index
Overview Affected versions of this package are vulnerable to Improper Validation of Array Index in the connected-components when an invalid value is supplied to the keep-top parameter. An attacker can access sensitive memory contents or cause a partial denial of service by providing a specially...
ImageMagick: Out-of-Bounds Read in connected components when the user supplies an invalid keep-top define
An invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation...
Improper Validation of Array Index
Overview Magick.NET-Q8-OpenMP-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package ar...
Improper Validation of Array Index
Overview Magick.NET-Q8-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Improper Validation of Array Index
Overview Magick.NET-Q16-HDRI-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this...
GHSA-VHRH-72HQ-W8M7 ImageMagick: Out-of-Bounds Read in connected components when the user supplies an invalid keep-top define
An invalid connected-components:keep-top value could result in a heap buffer over-read when performing the connected components operation...
Improper Validation of Array Index
Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Improper Validation of Array Index
Overview Magick.NET-Q16-HDRI-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Improper Validation of Array Index
Overview Magick.NET-Q8-x86 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Improper Validation of Array Index
Overview Magick.NET-Q16-AnyCPU is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
GHSA-F946-9QP6-VGCH shopper/framework: Authorization bypass in multiple Livewire admin components
Impact Multiple Livewire components in the admin panel allowed an authenticated low-privilege user to mutate data without the required permission: - Order detail Filament actions cancel, mark paid, mark complete, capture payment, archive, start processing were callable with readorders only and di...
shopper/framework: Authorization bypass in multiple Livewire admin components
Impact Multiple Livewire components in the admin panel allowed an authenticated low-privilege user to mutate data without the required permission: - Order detail Filament actions cancel, mark paid, mark complete, capture payment, archive, start processing were callable with readorders only and di...
PT-2026-41776
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An invalid connected-components:keep-top value can lead to a heap buffer over-read during the connected components operation. A heap buffer over-read occurs when...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 Security Lab "React2Shell" This repository c...
Malicious code in bui-react-10components (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3fd97accb94b52913accc33671fd34134afa96fd92bc09e5d0c440eef9b1a8c6 The package bui-react-10components was found to contain malicious code. Source: ossf-package-analysis...