23088 matches found
MAL-2025-41487 Malicious code in @twork-data-services/compnay-api-v1-company-rosbank-cib (npm)
--- -= Per source details. Do not edit below this line.=-...
Important: Red Hat Security Advisory: libarchive security update
An update for libarchive is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...
Important: Red Hat Security Advisory: libarchive security update
An update for libarchive is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...
Important: Red Hat Security Advisory: libarchive security update
An update for libarchive is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update a...
libarchive: Double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c
A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enablin...
libbiosig Input Validation Error Vulnerability
libbiosig is an open source software library for biomedical signal processing from the BioSig Project, with biological signal analysis functions. libbiosig has an input validation error vulnerability; the vulnerability stems from the GDF parsing function failing to correctly validate the...
Ubuntu: Security Advisory (USN-7718-1)
The remote host is missing an update for the...
SUSE SLES15 / openSUSE 15 Security Update : ignition (SUSE-SU-2025:03001-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03001-1 advisory. - CVE-2022-28948: Fixed an issue during unmarshaling in Go-Yaml v3 that can lead to DoS via invalid input (bsc#1248548). Tenable has extracted the...
SUSE CVE-2025-55298
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to ImageMagick versions 6.9.13-28 and 7.1.2-2, a format string vulnerability exists in the InterpretImageFilename function, where user input is directly passed to FormatLocaleString without proper...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.57 bug fix and security update
Red Hat OpenShift Container Platform release 4.15.57 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...
CVE-2025-55495
creationtimestamp| type| source
---|---|---
2025-08-27 20:05:11+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115102522440790372...
Exploit for Path Traversal in Rarlab Winrar
CVE-2025-8088 PoC Educational Use Only Details about this C...
CVE-2025-55298
A flaw was found in ImageMagick. Processing a file with a specially crafted name, specifically one with format specifiers such as %d, %o, or %x, can trigger a format string bug due to improper input sanitization, resulting in a heap-based buffer over-read or arbitrary code execution. Mitigation T...
[SECURITY] Fedora 42 Update: libtiff-4.7.0-8.fc42
The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if yo...
[SECURITY] Fedora 41 Update: libtiff-4.6.0-6.fc41.2
The libtiff package contains a library of functions for manipulating TIFF (Tagged Image File Format) image format files. TIFF is a widely used file format for bitmapped images. TIFF files usually end in the .tif extension and they are often quite large. The libtiff package should be installed if yo...
Linux Distros Unpatched Vulnerability : CVE-2025-20234
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on ...
Linux Distros Unpatched Vulnerability : CVE-2021-40391
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0, dev commit b5f1eacd, and the forked version of...
Linux Distros Unpatched Vulnerability : CVE-2023-39949
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.9.1 and 2.6.5, improper...
Addressing Deepfake Issue in Selfie Banking through Camera Based Authentication
Fake images in selfie banking are increasingly becoming a threat. Previously, it was just Photoshop, but now deep learning technologies enable us to create highly realistic fake identities, which fraudsters exploit to bypass biometric systems such as facial recognition in online banking. This pap...
Linux Distros Unpatched Vulnerability : CVE-2022-38234
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XPDF commit ffaf11c was discovered to contain a segmentation violation via Lexer::getObjObject at /xpdf/Lexer.cc. (CVE-2022-38234) Note that Nessus relies on the...