The vulnerability of the sqfs inode_size function in the U-Boot loader allows a attacker to influence the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the sqfs inodesize function in the U-Boot loader is related to integer overflow. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the ext4fs_read_symlink function in the U-Boot loader allows a attacker to influence the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ext4fsreadsymlink function in the U-Boot loader is related to a potential overflow condition. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

The vulnerability of the sqfs_size function in the U-Boot loader allows a hacker to execute arbitrary code.

The vulnerability of the sqfssize function in the U-Boot loader is related to an uncontrolled recursion. Exploiting this vulnerability could allow a hacker to execute arbitrary code...

The vulnerability of the U-Boot loader, related to integer overflows, allows attackers to influence the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the U-Boot loader is related to a numerical overflow condition. Exploiting this vulnerability can allow an attacker to influence the confidentiality, integrity, and accessibility of the protected information...

Important: Red Hat Security Advisory: grub2 security update

An update for grub2 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

FIN7, FIN8, and Others Use Ragnar Loader for Persistent Access and Ransomware Operations

Threat hunters have shed light on a "sophisticated and evolving malware toolkit" called Ragnar Loader that's used by various cybercrime and ransomware groups like Ragnar Locker aka Monstrous Mantis, FIN7, FIN8, and Ruthless Mantis ex-REvil. "Ragnar Loader plays a key role in keeping access to...

SUSE CVE-2024-36347

Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged...

Linux Distros Unpatched Vulnerability : CVE-2022-27938

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stbimage.h aka the stb image loader 2.19, as used in libsixel and other products, has a reachable assertion in stbicreatepngimageraw. CVE-2022-27938 Note that...

Embedded Malicious Code

Overview cdn-icon-fetcher-help is a Malicious package. Affected versions of this package are vulnerable to Embedded Malicious Code. Once this package is installed and executed, it downloads a Javascript file from a cdn-static-seven.vercel.app URL, which appears to be an image hosting site. Howeve...

Embedded Malicious Code

Overview cdn-icon-fetch is a Malicious package. Affected versions of this package are vulnerable to Embedded Malicious Code. Once this package is installed and executed, it downloads a Javascript file from a cdn-static-server.vercel.app URL, which appears to be an image hosting site. However, by...

Seven Malicious Go Packages Found Deploying Malware on Linux and macOS Systems

Cybersecurity researchers are alerting of an ongoing malicious campaign targeting the Go ecosystem with typosquatted modules that are designed to deploy loader malware on Linux and Apple macOS systems. "The threat actor has published at least seven packages impersonating widely used Go libraries,...

Linux Distros Unpatched Vulnerability : CVE-2022-37601

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all...

Researchers Link CACTUS Ransomware Tactics to Former Black Basta Affiliates

Threat actors deploying the Black Basta and CACTUS ransomware families have been found to rely on the same BackConnect BC module for maintaining persistent control over infected hosts, a sign that affiliates previously associated with Black Basta may have transitioned to CACTUS. "Once infiltrated...

Linux Distros Unpatched Vulnerability : CVE-2019-20056

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned. CVE-2019-20056 Note that Nessus...

Linux Distros Unpatched Vulnerability : CVE-2016-9380

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The pygrub boot loader emulator in Xen, when nul-delimited output format is requested, allows local pygrub-using guest OS administrators to read or delete...

Linux Distros Unpatched Vulnerability : CVE-2016-9379

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub- using guest OS administrators to read or delete...

AZL-57507 CVE-2025-0689 affecting package grub2 for versions less than 2.06-25

When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to allocate its internal buffers. In certain scenarios, while iterating through disk sectors, it assumes the read size from the disk is always smaller than the allocated buffer size whi...

Malicious code in pp-react-content-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e8280f253e75704177d57797625fe0d81836b0ae85c09ebbc58cdbec1b2a5b4c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1621 Malicious code in pp-react-content-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e8280f253e75704177d57797625fe0d81836b0ae85c09ebbc58cdbec1b2a5b4c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in react-content-loader-fork (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 29f4fac1cd9b3669fd66345e097ee2be915ef08de77e2fe1a0473640df479d33 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...