Lucene search
K

1644 matches found

OSV
OSV
added 2026/04/28 12:4 a.m.16 views

RLSA-2026:10710 Important: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: lodash: lodash: Arbitrary code execution via untrusted input in template imports CVE-2026-4800 For more details about the security issues, including the impact, a CVSS score,...

8.1CVSS6AI score0.01735EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.8 views

MiracleLinux 8 : go-toolset:rhel8 (AXSA:2026-429:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-429:01 advisory. cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive CVE-2025-61731 net/url: Incorrect parsing of IPv6 host literals in net/url...

8.6CVSS5.9AI score0.00728EPSS
Exploits0References3
Rockylinux
Rockylinux
added 2026/04/08 6:0 a.m.13 views

go-toolset:rhel8 security update

An update is available for module.delve, module.golang, delve, golang. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Go Toolset provides the Go programming...

8.6CVSS7.1AI score0.00728EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/04/08 12:41 a.m.6 views

cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive

A flaw was found in cmd/go. An attacker can exploit this by building a malicious Go source file that uses the 'cgo pkg-config:' directive. This allows the attacker to write to an arbitrary file with partial control over its content, by providing a '--log-file' argument to the pkg-config command...

8.6CVSS7.1AI score0.00532EPSS
Exploits0References8
OSV
OSV
added 2026/03/26 12:0 a.m.12 views

ALSA-2026:5941 Important: golang security update

The golang packages provide the Go programming language compiler. Security Fixes: cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive CVE-2025-61731 net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 For more details about the security issues, including...

8.6CVSS5.9AI score0.00728EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/03/09 8:2 a.m.3 views

CVE-2026-3697

A vulnerability was determined in Planet ICG-2510 1.020250811. The impacted element is the function sub40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Executing a manipulation of the argument Language can lead to stack-based buffer overflow. The attack...

6.5CVSS6.3AI score0.00247EPSS
Exploits0References1
NVD
NVD
added 2026/03/08 2:16 a.m.5 views

CVE-2026-3697

A vulnerability was determined in Planet ICG-2510 1.020250811. The impacted element is the function sub40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Executing a manipulation of the argument Language can lead to stack-based buffer overflow. The attack...

6.5CVSS0.00247EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/08 1:32 a.m.45 views

CVE-2026-3697 Planet ICG-2510 Language Package Configuration httpd sub_40C8E4 stack-based overflow

A vulnerability was determined in Planet ICG-2510 1.020250811. The impacted element is the function sub40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Executing a manipulation of the argument Language can lead to stack-based buffer overflow. The attack...

6.5CVSS0.00247EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/08 1:32 a.m.4 views

CVE-2026-3697 Planet ICG-2510 Language Package Configuration httpd sub_40C8E4 stack-based overflow

A vulnerability was determined in Planet ICG-2510 1.020250811. The impacted element is the function sub40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Executing a manipulation of the argument Language can lead to stack-based buffer overflow. The attack...

6.5CVSS7.1AI score0.00247EPSS
Exploits0References4
CVE
CVE
added 2026/03/08 1:32 a.m.25 views

CVE-2026-3697

Planet ICG-2510 1.0_20250811 is affected by CVE-2026-3697. The vulnerable element is function sub_40C8E4 in /usr/sbin/httpd within the Language Package Configuration Handler. A manipulation of the Language argument can cause a stack-based buffer overflow, with the attack described as remotely exe...

6.5CVSS7.1AI score0.00247EPSS
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in tethys-geodynamo-mongoose-venus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 384f86bbea9a17c8c4c1cab9ac42af48a2f7da03267231823fb3b4ce4c94df69 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in robotics-auriga-eclipse-parcel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45c8603622ee8e5a543e52a8e1616d015299b855bbd4ffd91c72063efc39f558 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in halley-pm2-semantic-ui-commitlint-config-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 207baa0abd8ece63fe60c3b6ed72245a1fbd0ab7acbb419f0f280f5e15470fb9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in awk-node-abstract-interpret-alert (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e57b94267f695268b2205969adaa9a5ec8130180999c45d34e32b1a23caa7f70 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in aether-hologram-genomics-xanthus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91fd696e3d7bb6d4aa0cae1f564fd1879823fe90d9e33b77c646528afe0a0d30 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in ganymede-metabolomics-cryptography-metalsmith (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6be32f11163bc54d3aeb742db539967f72078db69bd2365ca559d641cc92a721 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in warp-asthenosphere-ganymede-publish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8a92ebd310cc475e2b9ba6eae8284cedf4b60c8bbc57a74d40d2b6dfbaceb30 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in old-string-protected-omega-decode (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 94b4c6b9e02ae8116c384e78de29b120b55757d7fc40c59281afe45f6917f764 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in jasmine-karma-innercore-csrf (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 203c72244b8153dbfc6ea87c52825b1a48e6cc1db0147ae09eecb408d18f79d4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in meteor-hadron-hermes-lint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 406ee3b851ee1ae01cae0c7e1ae0e6a83e9ce50744299402f3c59a7ed7950003 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder