Lucene search
K

5610 matches found

OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-38450 Malicious code in virgo-got-sass-loader-spica (npm)

The package virgo-got-sass-loader-spica was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-19482 Malicious code in elektra-grus-cassini-postcss-loader (npm)

The package elektra-grus-cassini-postcss-loader was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-38782 Malicious code in warp-postcss-loader-jest-cosmicsilence (npm)

The package warp-postcss-loader-jest-cosmicsilence was found to contain malicious code...

7.2AI score
Exploits0
NVD
NVD
added 2025/08/13 6:15 p.m.8 views

CVE-2025-23304

NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component, where an attacker could cause code injection by loading .nemo files with maliciously crafted metadata. A successful exploit of this vulnerability may lead to remote code execution and data tampering...

9.8CVSS0.00993EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/08/13 5:16 p.m.1 views

CVE-2025-23304

NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component, where an attacker could cause code injection by loading .nemo files with maliciously crafted metadata. A successful exploit of this vulnerability may lead to remote code execution and data tampering...

7.8CVSS8.2AI score0.00993EPSS
Exploits0References3
CVE
CVE
added 2025/08/13 5:16 p.m.27 views

CVE-2025-23304

CVE-2025-23304 affects the NVIDIA NeMo library (model loading component). The vulnerability arises from loading .nemo files with maliciously crafted metadata, enabling code injection that may lead to remote code execution and data tampering. Affected: NVIDIA NeMo library (model loading). Exploita...

9.8CVSS8.2AI score0.00993EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-3549

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function...

5.3CVSS5.6AI score0.0023EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2016-4972

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OpenStack Murano before 1.0.3 liberty and 2.x before 2.0.1 mitaka, Murano-dashboard before 1.0.3 liberty and 2.x before 2.0.1 mitaka, and python-muranoclient...

9.8CVSS8.8AI score0.03166EPSS
Exploits0References2
NVD
NVD
added 2025/08/09 3:15 a.m.5 views

CVE-2025-55008

The AuthKit library for React Router 7+ provides helpers for authentication and session management using WorkOS & AuthKit with React Router. In versions 0.6.1 and below, @workos-inc/authkit-react-router exposed sensitive authentication artifacts — specifically sealedSession and accessToken by...

7.1CVSS0.00342EPSS
Exploits0References3
NVD
NVD
added 2025/08/09 3:15 a.m.59 views

CVE-2025-55009

The AuthKit library for Remix provides convenient helpers for authentication and session management using WorkOS & AuthKit with Remix. In versions 0.14.1 and below, @workos-inc/authkit-remix exposed sensitive authentication artifacts — specifically sealedSession and accessToken — by returning the...

7.1CVSS0.00342EPSS
Exploits0References3
Snyk
Snyk
added 2025/08/09 2:41 a.m.4 views

Information Exposure

Overview @workos-inc/authkit-react-router is an Authentication and session helpers for using WorkOS & AuthKit with React Router 7+ Affected versions of this package are vulnerable to Information Exposure via the accessToken and sealedSession parameters in the authkitLoader function. An attacker c...

7.6CVSS6.9AI score0.00342EPSS
Exploits0References2
CVE
CVE
added 2025/08/09 2:2 a.m.31 views

CVE-2025-55008

CVE-2025-55008 affects the AuthKit React Router library for React Router 7+. In versions ≤ 0.6.1, the package exposes sensitive authentication artifacts — specifically sealedSession and accessToken — by returning them from the authkitLoader , causing them to be rendered into browser HTML (informa...

7.1CVSS6.7AI score0.00342EPSS
Exploits0References3
CVE
CVE
added 2025/08/09 2:2 a.m.32 views

CVE-2025-55009

CVE-2025-55009 affects the AuthKit Remix package @workos-inc/authkit-remix. Versions ≤ 0.14.1 expose sensitive artifacts (sealedSession and accessToken) via the authkitLoader, causing them to be rendered into browser HTML. This creates information exposure and potential session/API access risk, a...

7.1CVSS6.9AI score0.00342EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/08/09 2:2 a.m.5 views

CVE-2025-55009 AuthKit: Sensitive auth data rendered in HTML

The AuthKit library for Remix provides convenient helpers for authentication and session management using WorkOS & AuthKit with Remix. In versions 0.14.1 and below, @workos-inc/authkit-remix exposed sensitive authentication artifacts — specifically sealedSession and accessToken — by returning the...

7.1CVSS7.2AI score0.00342EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/08/09 2:2 a.m.67 views

CVE-2025-55009 AuthKit: Sensitive auth data rendered in HTML

The AuthKit library for Remix provides convenient helpers for authentication and session management using WorkOS & AuthKit with Remix. In versions 0.14.1 and below, @workos-inc/authkit-remix exposed sensitive authentication artifacts — specifically sealedSession and accessToken — by returning the...

7.1CVSS0.00342EPSS
Exploits0References3
OSV
OSV
added 2025/08/09 2:2 a.m.26 views

CVE-2025-55009 AuthKit: Sensitive auth data rendered in HTML

The AuthKit library for Remix provides convenient helpers for authentication and session management using WorkOS & AuthKit with Remix. In versions 0.14.1 and below, @workos-inc/authkit-remix exposed sensitive authentication artifacts — specifically sealedSession and accessToken — by returning the...

7.1CVSS6.7AI score0.00342EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/09 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-6556

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in Loader in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to bypass content security policy via a crafted HTML...

5.4CVSS5.7AI score0.00157EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2025/08/08 5:4 p.m.9 views

The AuthKit React Router Library rendered sensitive auth data in HTML

In versions before 0.7.0, @workos-inc/authkit-react-router exposed sensitive authentication artifacts — specifically sealedSession and accessToken by returning them from the authkitLoader. This caused them to be rendered into the browser HTML. Impact This information disclosure could lead to...

7.1CVSS6AI score0.00342EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2025/08/08 12:0 a.m.6 views

ExecuTorch integer overflow vulnerability

An integer overflow vulnerability in the loading of ExecuTorch models can cause objects to be placed outside their allocated memory area, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 0830af8207240df8d7f35b984cdf8bc35d74fa73...

9.8CVSS6.5AI score0.00571EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-49949

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: firmwareloader: Fix memory leak in firmware upload In the case of firmware-upload, an instan...

5.5CVSS6AI score0.00179EPSS
Exploits0References2
Rows per page
Query Builder