Lucene search

36084 matches found

OSSF Malicious Packages
added 2025/08/29 6:55 p.m. | 4 views

Malicious code in notification-displayer (npm)

The package notification-displayer was found to contain malicious code...

AI score: 7
Exploits: 0

OSSF Malicious Packages
added 2025/08/29 6:55 p.m. | 2 views

Malicious code in notification-layer (npm)

The package notification-layer was found to contain malicious code...

AI score: 7
Exploits: 0

OSV
added 2025/08/29 6:55 p.m. | 1 view

MAL-2025-42046 Malicious code in notification-layer (npm)

The package notification-layer was found to contain malicious code...

AI score: 7
Exploits: 0

OSV
added 2025/08/29 6:55 p.m. | 2 views

MAL-2025-42045 Malicious code in notification-displayer (npm)

The package notification-displayer was found to contain malicious code...

AI score: 7
Exploits: 0

RedHat Linux
added 2025/08/27 8:27 a.m. | 8 views

kernel: sch_hfsc: make hfsc_qlen_notify() idempotent

In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent. hfsc_qlen_notify() is not idempotent either and not friendly to its callers, like fq_codel_dequeue(). Let's make it idempotent to ease qdisc_tree_reduce_backlog() callers' life: 1. update_vf() decreases...

CVSS: 5.5 | AI score: 6.8 | EPSS: 0.00151
Exploits: 0 | References: 5

Tenable Nessus
added 2025/08/27 12:00 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2019-6781

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An Improper Input Validation issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It w...

CVSS: 7.5 | AI score: 7.3 | EPSS: 0.01185
Exploits: 0 | References: 2

Tenable Nessus
added 2025/08/27 12:00 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2019-20394

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A double-free is present in libyang before v1.0-r3 in the function yyparse when a type statement is used in a notification statement. Applications that use...

CVSS: 8.8 | AI score: 7.9 | EPSS: 0.0279
Exploits: 1 | References: 2

Tenable Nessus
added 2025/08/27 12:00 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2021-39908

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions of GitLab CE/EE starting from 0.8.0 before 14.2.6, all versions starting from 14.3 before 14.3.4, and all versions starting from 14.4 before...

CVSS: 7.5 | AI score: 7.4 | EPSS: 0.0122
Exploits: 0 | References: 2

OpenVAS
added 2025/08/27 12:00 a.m. | 1 view

Fedora: Security Advisory (FEDORA-2025-5869edf3de)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS: 2.5 | AI score: 4 | EPSS: 0.00179
Exploits: 2 | References: 4

Packet Storm
added 2025/08/26 12:00 a.m. | 157 views

GeoVision ASManager Windows Application 6.1.2.0 Remote Code Execution

GeoVision ASManager Windows Application version 6.1.2.0 suffers from a remote code execution vulnerability. Exploit Title: GeoVision ASManager Windows Application 6.1.2.0 - Remote Code Execution RCE Date: 19-MAR-2025 Exploit Author: Giorgi Dograshvili DRAGOWN Vendor Homepage:...

CVSS: 8.8 | AI score: 8.2 | EPSS: 0.18026
Exploits: 3

Exploit DB
added 2025/08/26 12:00 a.m. | 332 views

GeoVision ASManager Windows Application 6.1.2.0 - Remote Code Execution (RCE)

Exploit Title: GeoVision ASManager Windows Application 6.1.2.0 - Remote Code Execution RCE Date: 19-MAR-2025 Exploit Author: Giorgi Dograshvili DRAGOWN Vendor Homepage: https://www.geovision.com.tw/ Software Link: https://www.geovision.com.tw/download/product/ Version: 6.1.2.0 or less Tested on:...

CVSS: 8.8 | AI score: 9.5 | EPSS: 0.18026
Exploits: 3

Chainguard
added 2025/08/23 2:16 p.m. | 3 views

CVE-2016-5552 vulnerabilities

Vulnerabilities for packages: openjdk-11-openj9, openjdk-17-openj9, openjdk-26-openj9, openjdk-8-openj9, openjdk-21-openj9, openjdk-25-openj9...

CVSS: 5.3 | AI score: 6.7 | EPSS: 0.02729
Exploits: 0

OSV
added 2025/08/23 10:47 a.m. | 1 view

CGA-XXR5-JP8V-WM5J

Bulletin has no description...

CVSS: 5.3 | AI score: 5.5 | EPSS: 0.00888
Exploits: 0

NVD
added 2025/08/22 4:15 p.m. | 5 views

CVE-2025-38638

In the Linux kernel, the following vulnerability has been resolved: ipv6: add a retry logic in net6_rt_notify(). inet6_rt_notify() can be called under RCU protection only. This means the route could be changed concurrently and rt6_fill_node() could return -EMSGSIZE. Re-size the skb when this happens and retry...

CVSS: 5.5 | EPSS: 0.00128
Exploits: 0 | References: 2

OSV
added 2025/08/22 4:15 p.m. | 1 view

UBUNTU-CVE-2025-38638

In the Linux kernel, the following vulnerability has been resolved: ipv6: add a retry logic in net6_rt_notify(). inet6_rt_notify() can be called under RCU protection only. This means the route could be changed concurrently and rt6_fill_node() could return -EMSGSIZE. Re-size the skb when this happens and retry...

CVSS: 5.5 | AI score: 5.7 | EPSS: 0.00128
Exploits: 0 | References: 5

CVE
added 2025/08/22 4:00 p.m. | 23 views

CVE-2025-38638

CVE-2025-38638: In the Linux kernel IPv6 stack, inet6_rt_notify() could be invoked under RCU protection, allowing concurrent route changes and rt6_fill_node() returning -EMSGSIZE. The fix adds retry logic: when this situation is detected, the skb is resized and the operation retried, and a previo...

CVSS: 5.5 | AI score: 6.2 | EPSS: 0.00128
Exploits: 0 | References: 2 | Affected Software: 1

vulnersOsv
added 2025/08/22 12:30 p.m. | 4 views

com.github.cafaudit:caf-audit-binding-elasticsearch (>=5.0.3-1321 <=5.0.4-1329), com.github.cafaudit:caf-audit-monkey-container (>=5.0.3-1321 <=5.0.4-1329) +78 more potentially affected by CVE-2025-9340 via org.bouncycastle:bc-fips (=2.1.0)

org.bouncycastle:bc-fips MAVEN version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.bouncycastle:bc-fips and may be impacted: - com.github.cafaudit:caf-audit-binding-elasticsearch =5.0.3-1321, =5.0.3-1321, =5.0.3-1321, =5.0.3-1321,...

AI score: 5.8 | EPSS: 0.00154
Exploits: 0

Tenable Nessus
added 2025/08/21 12:00 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2023-45819

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - TinyMCE is an open source rich text editor. A cross-site scripting XSS vulnerability was discovered in TinyMCE's Notification Manager API. The vulnerability...

CVSS: 6.1 | AI score: 6.1 | EPSS: 0.00601
Exploits: 0 | References: 2

Cvelist
added 2025/08/20 12:52 p.m. | 7 views

CVE-2025-54172 Stored Cross-Site Scripting in QuickCMS

QuickCMS is vulnerable to Stored XSS in sTitle parameter in page editor functionality. Malicious attacker with admin privileges can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page. Regular admin user is not able to inject any JS scripts into th...

CVSS: 4.8 | EPSS: 0.0018
Exploits: 0 | References: 2

Tenable Nessus
added 2025/08/20 12:00 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2019-13031

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LemonLDAP::NG before 1.9.20 has an XML External Entity XXE issue when submitting a notification to the notification server. By default, the notification server ...

CVSS: 8.1 | AI score: 7.2 | EPSS: 0.01934
Exploits: 0 | References: 2