150 matches found
Malicious code in grab-service-worker (npm)
The package communicates with a domain associated with malicious activity...
MAL-2025-41388 Malicious code in grab-service-worker (npm)
The package communicates with a domain associated with malicious activity...
Malicious code in grab-id-client (npm)
The package grab-id-client was found to contain malicious code...
MAL-2025-21797 Malicious code in grab-id-client (npm)
The package grab-id-client was found to contain malicious code...
xorg-x11-server: reattaching to different master device may lead to out-of-bounds memory access
An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation if the server runs with extended privileges, or...
SUSE CVE-2025-38102
In the Linux kernel, the following vulnerability has been resolved: VMCI: fix race between vmcihostsetupnotify and vmcictxunsetnotify During our test, it is found that a warning can be trigger in trygrabfolio as follow: ------------ cut here ------------ WARNING: CPU: 0 PID: 1678 at mm/gup.c:147...
AZL-64496 CVE-2025-38102 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: VMCI: fix race between vmcihostsetupnotify and vmcictxunsetnotify During our test, it is found that a warning can be trigger in trygrabfolio as follow: ------------ cut here ------------ WARNING: CPU: 0 PID: 1678 at mm/gup.c:147...
CVE-2023-47844
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Lim Kai Yang Grab & Save allows Reflected XSS.This issue affects Grab & Save: from n/a through 1.0.4...
CVE-2023-47845
Cross-Site Request Forgery CSRF vulnerability in Lim Kai Yang Grab & Save.This issue affects Grab & Save: from n/a through 1.0.4...
DEBIAN-CVE-2025-37988
In the Linux kernel, the following vulnerability has been resolved: fix a couple of races in MNTTREEBENEATH handling by domovemount Normally dolockmountpath, is locking a mountpoint pinned by path and at the time when matching unlockmount unlocks that location it is still pinned by the same thing...
AZL-54158 CVE-2024-53130 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix null-ptr-deref in blockdirtybuffer tracepoint When using the "block:blockdirtybuffer" tracepoint, markbufferdirty may cause a NULL pointer dereference, or a general protection fault when KASAN is enabled. This happens...
UBUNTU-CVE-2024-53130
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix null-ptr-deref in blockdirtybuffer tracepoint When using the "block:blockdirtybuffer" tracepoint, markbufferdirty may cause a NULL pointer dereference, or a general protection fault when KASAN is enabled. This happens...
CVE-2024-53052 io_uring/rw: fix missing NOWAIT check for O_DIRECT start write
In the Linux kernel, the following vulnerability has been resolved: iouring/rw: fix missing NOWAIT check for ODIRECT start write When iouring starts a write, it'll call kiocbstartwrite to bump the super block rwsem, preventing any freezes from happening while that write is in-flight. The freeze...
Malicious code in module-grab (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb37f88f9f6a37fa239ee1d591acdd1ee642b1d6447cba12accde00c474a94bb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-9294 Malicious code in module-grab (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cb37f88f9f6a37fa239ee1d591acdd1ee642b1d6447cba12accde00c474a94bb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Symantec Messaging Gateway 10 Exposure Of Stored AD Password
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'digest' require "openssl" class MetasploitModule 'Symantec Messaging Gateway 10 Exposure of Stored AD Password Vulnerability', 'Description' = %q This module wi...
SUSE CVE-2024-44943
In the Linux kernel, the following vulnerability has been resolved: mm: gup: stop abusing trygrabfolio A kernel warning was reported when pinning folio in CMA memory when launching SEV virtual machine. The splat looks like: 464.325306 WARNING: CPU: 13 PID: 6734 at mm/gup.c:1313...
DEBIAN-CVE-2024-44943
In the Linux kernel, the following vulnerability has been resolved: mm: gup: stop abusing trygrabfolio A kernel warning was reported when pinning folio in CMA memory when launching SEV virtual machine. The splat looks like: 464.325306 WARNING: CPU: 13 PID: 6734 at mm/gup.c:1313...
MAL-2024-2775 Malicious code in null_hash_grab_decode (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2023-47845
Cross-Site Request Forgery CSRF vulnerability in Lim Kai Yang Grab & Save.This issue affects Grab & Save: from n/a through 1.0.4...