Lucene search
K

780 matches found

RedHat Linux
RedHat Linux
added 2025/08/20 8:10 a.m.3 views

kernel: ext4: avoid resizing to a partial cluster size

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the filesystem to an unaligned cluster boundary. An online resize to a size that is not integral to cluster size results in the last iteration...

5.5CVSS6.3AI score0.00157EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/08/19 12:21 a.m.4 views

kernel: ext4: avoid resizing to a partial cluster size

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the filesystem to an unaligned cluster boundary. An online resize to a size that is not integral to cluster size results in the last iteration...

5.5CVSS6.3AI score0.00157EPSS
Exploits0References5
Snyk
Snyk
added 2025/08/14 3:40 p.m.1 views

Malicious Package

Overview github.com/briefinitia/gouid is a malicious package. This package contains malicious code designed to provide attackers with on-demand remote access to a developer's system or CI/CD environment. The package and some other variants use typosquatting to imitate legitimate packages. Upon...

9.8CVSS7.4AI score
Exploits0References3
Snyk
Snyk
added 2025/08/14 3:40 p.m.2 views

Malicious Package

Overview github.com/lastnymph/gouid is a malicious package. This package contains malicious code designed to provide attackers with on-demand remote access to a developer's system or CI/CD environment. The package and some other variants use typosquatting to imitate legitimate packages. Upon...

9.8CVSS7.4AI score
Exploits0References3
Snyk
Snyk
added 2025/08/14 3:40 p.m.2 views

Malicious Package

Overview github.com/wetteepee/hcloud-ip-floater is a malicious package. This package contains malicious code designed to provide attackers with on-demand remote access to a developer's system or CI/CD environment. The package and some other variants use typosquatting to imitate legitimate package...

9.8CVSS7.4AI score
Exploits0References3
Snyk
Snyk
added 2025/08/14 3:40 p.m.1 views

Malicious Package

Overview github.com/stripedconsu/linker is a malicious package. This package contains malicious code designed to provide attackers with on-demand remote access to a developer's system or CI/CD environment. The package and some other variants use typosquatting to imitate legitimate packages. Upon...

9.8CVSS7.4AI score
Exploits0References3
Snyk
Snyk
added 2025/08/14 3:40 p.m.2 views

Malicious Package

Overview github.com/weightycine/replika is a malicious package. This package contains malicious code designed to provide attackers with on-demand remote access to a developer's system or CI/CD environment. The package and some other variants use typosquatting to imitate legitimate packages. Upon...

9.8CVSS7.4AI score
Exploits0References3
Snyk
Snyk
added 2025/08/14 3:40 p.m.1 views

Malicious Package

Overview github.com/ordinarymea/tnsrids is a malicious package. This package contains malicious code designed to provide attackers with on-demand remote access to a developer's system or CI/CD environment. The package and some other variants use typosquatting to imitate legitimate packages. Upon...

9.8CVSS7.4AI score
Exploits0References3
The Hacker News
The Hacker News
added 2025/08/14 1:16 p.m.14 views

Hackers Found Using CrossC2 to Expand Cobalt Strike Beacon's Reach to Linux and macOS

Japan's CERT coordination center JPCERT/CC on Thursday revealed it observed incidents that involved the use of a command-and-control C2 framework called CrossC2, which is designed to extend the functionality of Cobalt Strike to other platforms like Linux and Apple macOS for cross-platform system...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2025/08/13 3:46 p.m.13 views

New PS1Bot Malware Campaign Uses Malvertising to Deploy Multi-Stage In-Memory Attacks

Cybersecurity researchers have discovered a new malvertising campaign that's designed to infect victims with a multi-stage malware framework called PS1Bot. "PS1Bot features a modular design, with several modules delivered used to perform a variety of malicious activities on infected systems,...

7.1AI score
Exploits0
Talos Blog
Talos Blog
added 2025/08/12 8:0 p.m.16 views

Malvertising campaign leads to PS1Bot, a multi-stage malware framework

Cisco Talos has observed an ongoing malware campaign that seeks to infect victims with a multi-stage malware framework, implemented in PowerShell and C, which we are referring to as "PS1Bot." PS1Bot features a modular design, with several modules delivered used to perform a variety of malicious...

7.1AI score
Exploits0
NVD
NVD
added 2025/08/12 3:15 a.m.6 views

CVE-2025-42976

SAP NetWeaver Application Server ABAP BIC Document allows an authenticated attacker to craft a request that, when submitted to a BIC Document application, could cause a memory corruption error. On successful exploitation, this results in the crash of the target component. Multiple submissions can...

8.1CVSS0.00372EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/12 2:10 a.m.7 views

CVE-2025-42976 Multiple vulnerabilities in SAP NetWeaver Application Server ABAP (BIC Document)

SAP NetWeaver Application Server ABAP BIC Document allows an authenticated attacker to craft a request that, when submitted to a BIC Document application, could cause a memory corruption error. On successful exploitation, this results in the crash of the target component. Multiple submissions can...

8.1CVSS0.00372EPSS
Exploits0References2
Fedora
Fedora
added 2025/08/08 12:55 a.m.6 views

[SECURITY] Fedora 42 Update: varnish-7.6.1-6.fc42

This is Varnish Cache, a high-performance HTTP accelerator. Varnish Cache stores web pages in memory so web servers don=E2=80=99t have to create the same web page over and over again. Varnish Cache serves pages much faster than any application server; giving the website a significant speed up...

5.4CVSS6.9AI score0.003EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2025/08/05 12:0 a.m.2 views

FlashVault: Versatile In-NAND Self-Encryption with Zero Area Overhead

We present FlashVault, an in-NAND self-encryption architecture that embeds a reconfigurable cryptographic engine into the unused silicon area of a state-of-the-art 4D V-NAND structure. FlashVault supports not only block ciphers for data encryption but also public-key and post-quantum algorithms f...

6.9AI score
Exploits0
Amazon
Amazon
added 2025/08/04 12:0 a.m.3 views

Medium: pam

Issue Overview: A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input stdin. As this occurs, the attacker can train the branch predictor to execute an ROP chain...

4.7CVSS6.7AI score0.00265EPSS
Exploits0
OSV
OSV
added 2025/07/28 5:15 p.m.4 views

CVE-2025-54537

In JetBrains TeamCity before 2025.07 user credentials were stored in plain text in memory snapshots...

5.5CVSS5.8AI score0.00249EPSS
Exploits0References1
Fedora
Fedora
added 2025/07/25 2:1 a.m.5 views

[SECURITY] Fedora 41 Update: valkey-8.0.4-1.fc41

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

9.8CVSS7.4AI score0.03877EPSS
Exploits4
Fedora
Fedora
added 2025/07/25 1:4 a.m.4 views

[SECURITY] Fedora 42 Update: valkey-8.0.4-1.fc42

Valkey is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing s...

9.8CVSS7.4AI score0.03877EPSS
Exploits4
BDU FSTEC
BDU FSTEC
added 2025/07/11 12:0 a.m.7 views

The vulnerability in the implementation of the Credential Security Support Provider (CredSSP) protocol of the Microsoft Windows operating system allows a perpetrator to enhance their privileges.

The vulnerability of the Credential Security Support Provider CredSSP protocol implementation in the Microsoft Windows operating system lies in the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS5.8AI score0.01677EPSS
Exploits3References2
Rows per page
Query Builder