Malicious code in dreame-claude (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44b904b33e89c1b805a677ba354efd9fb3a2433181457eaa178dde53d834a387 The package dreame-claude was found to contain malicious code. Source: ghsa-malware 4af60f8f709a4f9b864b976407e3415357526d2edebe39413dd0de8b3783578b...

Oracle Virtualization security vulnerabilities

Oracle Virtualization is a virtualization solution developed by Oracle, a company in the United States. This product is used for the unified management of the entire hardware and software system, from applications to disks, enabling virtualization from desktops to data centers. VM VirtualBox is o...

PT-2026-3722

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.29 and 21.3-21.20. Easily exploitable vulnerability allows high privileged attacker having Authenticated User privilege with network access via Oracle Net to compromise Java VM...

MiracleLinux 9 : kernel-5.14.0-427.40.1.el9_4 (AXSA:2024-8938:33)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8938:33 advisory. kernel: Local information disclosure on IntelR AtomR processors CVE-2023-28746 kernel: netfilter: nftflowoffload: reset dst in route object after...

Constructing Multi-Label Hierarchical Classification Models for MITRE ATT&CK Text Tagging

MITRE ATT&CK is a cybersecurity knowledge base that organizes threat actor and cyber-attack information into a set of tactics describing the reasons and goals threat actors have for carrying out attacks, with each tactic having a set of techniques that describe the potential methods used in these...

Static Detection of Core Structures in Tigress Virtualization-Based Obfuscation Using an LLVM Pass

Malware often uses obfuscation to hinder security analysis. Among these techniques, virtualization-based obfuscation is particularly strong because it protects programs by translating original instructions into attacker-defined virtual machine VM bytecode, producing long and complex code that is...

Techniques of Modern Attacks

The techniques used in modern attacks have become an important factor for investigation. As we advance further into the digital age, cyber attackers are employing increasingly sophisticated and highly threatening methods. These attacks target not only organizations and governments but also extend...

MiracleLinux 4 : virt-v2v-0.8.3-5.0.1.AXS4 (AXSA:2012-50:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-50:01 advisory. virt-v2v is a tool for converting virtual machines to use the KVM hypervisor. It modifies both the virtual machine image and its associated libvirt metadata...

OSV-2025-1059 Security exception in com.google.re2j.Machine.add

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=476431390 Crash type: Security exception Crash state: com.google.re2j.Machine.add com.google.re2j.Machine$Thread. com.google.re2j.Machine.alloc...

Hybrid IDS Using Signature-Based and Anomaly-Based Detection

Intrusion detection systems IDS are essential for protecting computer systems and networks against a wide range of cyber threats that continue to evolve over time. IDS are commonly categorized into two main types, each with its own strengths and limitations, such as difficulty in detecting...

CVE-2026-23523 Dive allows One-click Remote Code Execution through Deep Links for MCP Install

Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. Prior to 0.13.0, crafted deeplink can install an attacker-controlled MCP server configuration without sufficient user confirmation and can lead to arbitrary local command execution on the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001598)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001598 advisory. The handleinvept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service NULL pointer...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001646)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001646 advisory. The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a writemmio stack-base...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004444)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004444 advisory. An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service soft lockup by triggering destruction of...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001335)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001335 advisory. A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB virtual machine control block provided by t...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001588)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001588 advisory. KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATEHOSTR1 to store r1 state in kvmppchventry plus in kvmppcsave,restoretm, leading to a stac...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001443)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001443 advisory. An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service soft lockup by triggering destruction of...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004477)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004477 advisory. KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATEHOSTR1 to store r1 state in kvmppchventry plus in kvmppcsave,restoretm, leading to a stac...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004788)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004788 advisory. A flaw in netrdsallocsgs in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2 Availability impacts. CVSS Vector...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004242)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004242 advisory. An out-of-bounds memory write issue was found in the Linux Kernel, version 3.13 through 5.4, in the way the Linux kernel's KVM hypervisor handled the...