Malicious code in react-native-httpapi (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 872a61b5247749d233711d5fe71d6da937fd301c6cfe4317b41b6f69f4566000 Any computer that has this package installed or running should be considered...

MAL-2025-45764 Malicious code in react-native-httpapi (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 872a61b5247749d233711d5fe71d6da937fd301c6cfe4317b41b6f69f4566000 Any computer that has this package installed or running should be considered...

SUSE-SU-2025:03024-1 Security update for tomcat

This update for tomcat fixes the following issues: Updated to 9.0.108: - CVE-2025-52520: Fixed integer overflow can lead to DoS for some unlikely configurations of multipart upload bsc1246388 - CVE-2025-53506: Fixed uncontrolled resource HTTP/2 client consumption vulnerability bsc1246318 -...

Malicious code in onnxruntime-reactnative-example (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-41587 Malicious code in onnxruntime-reactnative-example (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in cloud-native-ai-pipeline (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-41542 Malicious code in cloud-native-ai-pipeline (npm)

--- -= Per source details. Do not edit below this line.=-...

WordPress plugin Magazine Elite 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Ireca 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

Linux Distros Unpatched Vulnerability : CVE-2025-27148

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Gradle is a build automation tool, and its native-platform tool provides Java bindings for native APIs. On Unix-like systems, the system temporary directory can...

Linux Distros Unpatched Vulnerability : CVE-2017-15698

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When parsing the AIA-Extension field of a client certificate, Apache Tomcat Native Connector 1.2.0 to 1.2.14 and 1.1.23 to 1.1.34 did not correctly handle field...

Linux Distros Unpatched Vulnerability : CVE-2024-6873

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It is possible to crash or redirect the execution flow of the ClickHouse server process from an unauthenticated vector by sending a specially crafted request to...

Unpacking the 2025 Gartner Market Guide for CNAPP

From siloed tools to a unified platform: Key takeaways from Gartner's new CNAPP report...

CVE-2025-9341

Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All API modules, Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All API modules allows Excessive Allocation. This vulnerability is associated wi...

Key Takeaways from KubeCon + CloudNativeCon India 2025

...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the AESNativeCBC class due to the use of a private instance class, rather than a private static class. An attacker can cause heap exhaustion by triggering excessive memory allocati...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the AESNativeCBC class due to the use of a private instance class, rather than a private static class. An attacker can cause heap exhaustion by triggering excessive memory allocati...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the AESNativeCBC class due to the use of a private instance class, rather than a private static class. An attacker can cause heap exhaustion by triggering excessive memory allocati...

GHSA-JFCV-JV9G-2VX2 Bouncy Castle for Java has Uncontrolled Resource Consumption Vulnerability

Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All API modules allows Excessive Allocation. This vulnerability is associated with program files org/bouncycastle/crypto/fips/AESNativeCBC.Java. This issue affects Bouncy...

CVE-2025-9341

Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java FIPS bc-fips on All API modules, Legion of the Bouncy Castle Inc. Bouncy Castle for Java LTS bcprov-lts8on on All API modules allows Excessive Allocation. This vulnerability is associated wi...