MAL-2026-5764 Malicious code in sys-info-cli-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1423c435a0e9e86338dd64d138fb1697580751ade2b7486880e21785e1b3eb47 The package's collect.js gathers host identifiers os.hostname, os.homedir along with filesystem and childprocess introspection and POSTs them to a...

Exploit for Untrusted Pointer Dereference in Microsoft

ntoskrnl-metadata An IDA Python script for extracting critica...

[SECURITY] Fedora 44 Update: plasma-systemmonitor-6.6.4-1.fc44

An interface for monitoring system sensors, process information and other sys tem resources...

Security update 5.0.7 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Non-customer-facing optimization and update golang-github-boynux-squidexporter: Version update from 1.6.0 to 1.13.0 with the following highlighted changes and fixes jscPED-14971: Added compatibility for Squid 6...

Malicious code in tui-ascii-art (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4358458e150317ab394c6dd2d0137a8c395a32bae309cc1bfd829f123dab1393 These packages are used as build dependencies of malicious packages in newer waves of the campaign 2026-02-urllib-slim. They are used to split the malicious...

MAL-2026-2117 Malicious code in tui-ascii-art (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4358458e150317ab394c6dd2d0137a8c395a32bae309cc1bfd829f123dab1393 These packages are used as build dependencies of malicious packages in newer waves of the campaign 2026-02-urllib-slim. They are used to split the malicious...

Malicious code in indpack (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 85f1ca1d5abdcf2139039fc5e8a08068a8c2cacca8a31fed38fbde74f7b8c04d These packages are used as build dependencies of malicious packages in newer waves of the campaign 2026-02-urllib-slim. They are used to split the malicious...

MAL-2026-2113 Malicious code in gcpipwrap (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 af8d2f3dec668a16adf691aa26e16be82e62c2cdf993da1f4ff4afaceac30e92 These packages are used as build dependencies of malicious packages in newer waves of the campaign 2026-02-urllib-slim. They are used to split the malicious...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005648)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005648 advisory. In the Linux kernel, the following vulnerability has been resolved: riscv: process: fix kernel info leakage threadstruct's s12 may contain random kernel memory...

CVE-2021-22782

Missing Encryption of Sensitive Data vulnerability exists in EcoStruxure Control Expert all versions prior to V15.0 SP1, including all versions of Unity Pro, EcoStruxure Process Expert all versions, including all versions of EcoStruxure Hybrid DCS, and SCADAPack RemoteConnect for x70, all version...

RockyLinux 9 : thunderbird (RLSA-2025:18321)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:18321 advisory. thunderbird: firefox: Memory safety bugs CVE-2025-11714 thunderbird: firefox: Out of bounds read/write in a privileged process triggered by WebGL textur...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

RHEL 9 : thunderbird (RHSA-2025:18321)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:18321 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: firefox: Memory safety bugs CVE-2025-11714...

EUVD-2017-15780

Malware in sbrugna...

CVE-2025-41654

An unauthenticated remote attacker can access information about running processes via the SNMP protocol. The amount of returned data can trigger a reboot by the watchdog...

CVE-2022-20263

In ActivityManager, there is a way to read process state for other users due to a missing permission check. This could lead to local information disclosure of app usage with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Andro...

CentOS 9 : linux-firmware-20230726-138.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the linux- firmware-20230726-138.el9 build changelog. - Cross-Process Information Leak rhbz 2227156 CVE-2023-20593 Note that Nessus has not tested for this issue but has instead relied only...

CVE-2022-23089

When dumping core and saving process information, procgetargv might return an sbuf which have a sbuflen of 0 or -1, which is not properly handled. An out-of-bound read can happen when user constructs a specially crafted psstring, which in turn can cause the kernel to crash...

Out-of-bounds

When dumping core and saving process information, procgetargv might return an sbuf which have a sbuflen of 0 or -1, which is not properly handled. An out-of-bound read can happen when user constructs a specially crafted psstring, which in turn can cause the kernel to crash...