307 matches found
EUVD-2022-15598
Malicious code in bioql PyPI...
EUVD-2022-15312
Malicious code in bioql PyPI...
EUVD-2025-20310
Malicious code in bioql PyPI...
java-21-openjdk security update
An update is available for java-21-openjdk. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime...
RLSA-2025:10873 Important: java-21-openjdk security update
The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fixes: JDK: Better Glyph drawing (CVE-2025-30749); JDK: Enhance TLS protocol support (CVE-2025-30754); JDK: Improve HTTP client header handling (CVE-2025-50059); JDK: Better...
SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers
Cybersecurity researchers have discovered two new malicious packages in the Python Package Index (PyPI) repository that are designed to deliver a remote access trojan called SilentSync on Windows systems. "SilentSync is capable of remote command execution, file exfiltration, and screen capturing,"...
Malicious Package
Overview: secmeasure is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The sisaws package leverages "typosquatting" for the legitimate sisa package, targeting Sistema Integrado de Información Sanitaria Argentino (SISA) API...
Malicious Package
Overview: sisaws is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The sisaws package leverages "typosquatting" for the legitimate sisa package, targeting Sistema Integrado de Información Sanitaria Argentino (SISA) API...
java-17-openjdk security update
An update is available for java-17-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The java-17-openjdk packages provide the OpenJDK 17 Java Runtime...
AlmaLinux 9 : java-17-openjdk (ALSA-2025:10867)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:10867 advisory. JDK: Better Glyph drawing (CVE-2025-30749); JDK: Enhance TLS protocol support (CVE-2025-30754); JDK: Improve HTTP client header handling (CVE-2025-50059); JDK:...
ALSA-2025:10873 Important: java-21-openjdk security update
The OpenJDK 21 packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fixes: JDK: Better Glyph drawing (CVE-2025-30749); JDK: Enhance TLS protocol support (CVE-2025-30754); JDK: Improve HTTP client header handling (CVE-2025-50059); JDK: Better...
CVE-2025-6044
An Improper Access Control vulnerability in the Stylus Tools component of Google ChromeOS version 16238.64.0 on the garaged stylus devices allows a physical attacker to bypass the lock screen and access user files by removing the stylus while the device is closed and using the screen capture...
CVE-2025-6044
CVE-2025-6044 concerns Google ChromeOS: an Improper Access Control in the Stylus Tools component on ChromeOS 16238.64.0 (garaged stylus devices) allows a physical attacker to bypass the lock screen and access user files by removing the stylus while the device is closed and using the screen captur...
CVE-2025-20986
Improper access control in ScreenCapture for Galaxy Watch prior to SMR Jun-2025 Release 1 allows local attackers to take screenshots...
CVE-2024-23232
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.4. An app may be able to capture a user's screen...
CVE-2024-0029
In multiple files, there is a possible way to capture the device screen when disallowed by device policy due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-27895
SAP Authenticator for Android, version 1.3.0, allows the screen to be captured if an authorized attacker installs a malicious app on the mobile device. The attacker could extract the current views of the OTP and the secret OTP alphanumeric token during the token setup. On successful...
CVE-2023-21440
Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023 Release 1 allows attackers to take a screen capture...
CVE-2022-32848
A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5. An app may be able to capture a user’s screen...
CVE-2021-26917
PyBitmessage through 0.6.3.2 allows attackers to write screen captures to Potentially Unwanted Directories via a crafted apinotifypath value. NOTE: the discoverer states "security mitigation may not be necessary as there is no evidence yet that these screen intercepts are actually transported awa...