1690 matches found
EUVD-2025-5059
Malicious code in bioql PyPI...
EUVD-2025-24383
Malicious code in bioql PyPI...
EUVD-2025-32055
Malicious code in bioql PyPI...
EUVD-2025-29434
Malicious code in bioql PyPI...
EUVD-2025-29498
Malicious code in bioql PyPI...
EUVD-2025-25619
Malicious code in bioql PyPI...
.NET 9.0 security update
An update is available for dotnet9.0. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...
RLSA-2025:8816 Important: .NET 9.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.107 and .NET Runtime 9.0.6.Securi...
MAL-2025-47574 Malicious code in @discord-external/activity-iframe-sdk (npm)
The package @discord-external/activity-iframe-sdk was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: google-open-source-security c4df7af2ceae80fdc052edf95094a378287786ae21cfec9a6104a2af2b1d9b98 This package installs a dependency hosted on a cust...
CVE-2025-57324
parse is a package designed to parse JavaScript SDK. A Prototype Pollution vulnerability in the SingleInstanceStateController.initializeState function of parse version 5.3.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of...
Cloudflare Workers SDK 信息泄露漏洞
Cloudflare Workers SDK is an open source developer toolkit for Cloudflare. An information disclosure vulnerability exists in Cloudflare Workers SDK versions prior to 1.6.0, which stems from a default configuration where the local development server exposes all files, potentially leading to the...
DEBIAN-CVE-2025-59160
Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated...
Malicious code in phone-feature-sdk (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-41591 Malicious code in phone-feature-sdk (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2025-36729 RACOM M!DGE2 Privilege Escalation via SDK Testing Endpoint
A non-primary administrator user with admin rights to the web interface but without shell access permissions can display configuration of the device including the master admin password. This vulnerability also allows the user to give themselves shell access with the root gid...
Malicious code in kinvey-phonegap-angular-sdk (npm)
The package kinvey-phonegap-angular-sdk was found to contain malicious code...
MAL-2025-26193 Malicious code in mentors-sdk-js (npm)
The package mentors-sdk-js was found to contain malicious code...
CVE-2025-32004
CVE-2025-32004 concerns the Intel Edger8r Tool in the Intel SGX SDK. The issue is caused by improper input validation in the Edger8r Tool, which may permit an authenticated user to escalate privileges via local access. Documented impact indicates privilege escalation with local access, applicable...
CVE-2025-32004
Improper input validation in the Intel Edger8r Tool for some IntelR SGX SDK may allow an authenticated user to potentially enable escalation of privilege via local access...
Linux Distros Unpatched Vulnerability : CVE-2025-37935
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: fix SER panic with 4GB+ RAM If the mtkpollrx function detects the...