29552 matches found
GHSA-VRQ8-3X54-8JJ3 vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-V77Q-JQJ8-8VVQ vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-J89Q-H74W-5C2Q vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-VRQ8-3X54-8JJ3 vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-7W4V-J6PR-V8HV vulnerabilities
Vulnerabilities for packages: chromium...
Astra Linux - уязвимость в vim
Heap-based Buffer Overflow in the GitHub repository vim/vim before version 8.2.4968...
Astra Linux - уязвимость в vim
NULL pointer dereferencing in the GitHub repository for vim/vim before version 9.0.0240...
Astra Linux - уязвимость в grunt
The file.copy operations in GruntJS are vulnerable to a TOCTOU race condition, which can lead to arbitrary file writes in the GitHub repository gruntjs/grunt before version 1.5.3. This vulnerability allows for arbitrary file writes that can lead to local privilege escalation to the GruntJS user...
Astra Linux - уязвимость в vim
Heap-based Buffer Overflow in the GitHub repository for Vim before version 8.2...
Grafana GitHub Breach Exposes Source Code via TanStack npm Attack
Grafana Labs, on May 19, 2026, said an investigation into its recent breach found no evidence of customer production systems or operations being compromised. It said the scope of the incident is limited to the Grafana Labs GitHub environment, which includes public and private source code along wi...
Malicious code in cloud-pc-templates (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 044178c5b07f16ba0681f534724c7bcac3c8f39832484c7a3ac51d43a69cd803 The ai login CLI subcommands loginMode huggingface, ollamacloud, ollamalocal each download a proxy script from a mutable refs/heads/main branch of a...
MAL-2026-4528 Malicious code in cloud-pc-templates (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 044178c5b07f16ba0681f534724c7bcac3c8f39832484c7a3ac51d43a69cd803 The ai login CLI subcommands loginMode huggingface, ollamacloud, ollamalocal each download a proxy script from a mutable refs/heads/main branch of a...
PT-2026-42366
goshs is Missing Write Protection for Parametric Data Values in github.com/patrickhener/goshs...
PT-2026-42370
monetr: Server-side request forgery in Lunch Flow link creation and refresh in github.com/monetr/monetr...
PT-2026-42369
Nuclei: Local File Read via require Module Loader Bypass in github.com/projectdiscovery/nuclei...
PT-2026-42371
NornicDB has Improper Network Binding in its Bolt Server, allowing unauthorized remote access in github.com/orneryd/nornicdb...
UBUNTU-CVE-2026-45793
Github Actions issued GITHUBTOKEN disclosure in GitHub Actions logs...
CVE-2026-45793
Github Actions issued GITHUBTOKEN disclosure in GitHub Actions logs...
PT-2026-42379
free5GC's SMF UPI management interface lacks auth middleware; unauthenticated topology read/write requests reach handlers in github.com/free5gc/smf...
Malicious code in tubebrain (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4773b7c6b3832dbd9b733f1bbe60d85f6a85a0764ad0c43345962c09add1cca lib/bootstrap.js contains a hardcoded outbound channel to https://transscendsurvival.org alongside calls to https://api.github.com and reads of...