Lucene search
K

6427 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/15 6:4 a.m.3 views

Malicious code in curve-ui-kit-security-notice (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0fb2012407c0ff7c7e2c1a915c8ad608d1b47a31f725b9a9e68d652ad55bfcc8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/10/15 6:4 a.m.4 views

MAL-2025-48420 Malicious code in curve-ui-kit-security-notice (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0fb2012407c0ff7c7e2c1a915c8ad608d1b47a31f725b9a9e68d652ad55bfcc8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Cvelist
Cvelist
added 2025/10/15 1:23 a.m.8 views

CVE-2017-20205 Valve Source SDK Stack-Based Buffer Overflow RCE

Valve's Source SDK source-sdk-2013's ragdoll model parsing logic contains a stack-based buffer overflow vulnerability.The tokenizer function nexttoken copies characters from an input string into a fixed-size stack buffer without performing bounds checks. When ParseKeyValue processes a collisionpa...

9.2CVSS0.00632EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/10/15 12:38 a.m.4 views

WordPress Demo Import Kit plugin <= 1.1.0 - Authenticated (Admin+) Arbitrary File Upload vulnerability

Authenticated Admin+ Arbitrary File Upload vulnerability discovered by vodanh in WordPress Plugin Demo Import Kit versions = 1.1.0...

7.2CVSS7AI score0.00634EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/15 12:0 a.m.3 views

PT-2025-42216

Valve's Source SDK source-sdk-2013's ragdoll model parsing logic contains a stack-based buffer overflow vulnerability.The tokenizer function nexttoken copies characters from an input string into a fixed-size stack buffer without performing bounds checks. When ParseKeyValue processes a collisionpa...

9.2CVSS8.5AI score0.00632EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/10/15 12:0 a.m.2 views

WordPress plugin Demo Import Kit 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. An arbitrary file upload vulnerability exists in the WordPress Demo Import Kit plugin, which stems from a lack of file type validation in the import function and can be exploite...

7.2CVSS8AI score0.00634EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/10/15 12:0 a.m.3 views

Source SDK 安全漏洞

Source SDK is an open source computer game by Valve Software. A security vulnerability exists in Source SDK that stems from a stack-based buffer overflow in the ragdoll model parsing logic, which could lead to remote code execution...

9.2CVSS8.2AI score0.00632EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/15 12:0 a.m.5 views

RHEL 8 : .NET 8.0 (RHSA-2025:18148)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:18148 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

9.9CVSS8.8AI score0.66258EPSS
Exploits5References8
AlmaLinux
AlmaLinux
added 2025/10/15 12:0 a.m.8 views

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.121 and .NET Runtime...

9.9CVSS6.4AI score0.66258EPSS
Exploits5References8
EUVD
EUVD
added 2025/10/14 10:24 p.m.5 views

EUVD-2025-34458

Parse Javascript SDK vulnerable to prototype pollution in Parse.Object and internal APIs...

6.4CVSS6.4AI score0.00374EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/13 5:43 p.m.4 views

EUVD-2025-34075

CommandKit has incorrect command name exposure in context object for message command aliases...

6.6AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/10 12:0 a.m.3 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.04 : DPDK vulnerability (USN-7816-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by a vulnerability as referenced in the USN-7816-1 advisory. It was discovered that DPDK incorrectly handled the mlx5 Ethernet poll mode driver. An attacker could possibly use this issue to obtain...

6.5CVSS5.6AI score0.00278EPSS
Exploits0References2
OSV
OSV
added 2025/10/09 12:34 p.m.5 views

USN-7816-1 dpdk vulnerability

It was discovered that DPDK incorrectly handled the mlx5 Ethernet poll mode driver. An attacker could possibly use this issue to obtain sensitive information, or cause the network interface to crash, resulting in a denial of service...

6.5CVSS5.8AI score0.00278EPSS
Exploits0References2
Snyk
Snyk
added 2025/10/08 12:29 a.m.1 views

Malicious Package

Overview @my-pvz/ui-kit is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS6.8AI score
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2014-4565

Malware in sbrugna...

5CVSS6.4AI score0.02221EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2018-3758

Malware in sbrugna...

8.1CVSS7.9AI score0.01302EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-16908

Malware in sbrugna...

9.3CVSS7.6AI score0.0088EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-1814

Malware in sbrugna...

6.5CVSS6.6AI score0.01373EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2005-0224

Malware in sbrugna...

5CVSS6.4AI score0.01825EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.11 views

EUVD-2006-6720

Malware in sbrugna...

4.3CVSS6AI score0.02311EPSS
Exploits0References29
Rows per page
Query Builder