MAL-2025-20274 Malicious code in fbdeoxicwnlkgkvt (npm)
The package fbdeoxicwnlkgkvt was found to contain malicious code...
MAL-2025-29186 Malicious code in phpguide (npm)
The package phpguide was found to contain malicious code...
MAL-2025-15005 Malicious code in atlas-capella-dynamo-cosmos (npm)
The package atlas-capella-dynamo-cosmos was found to contain malicious code...
MAL-2025-18515 Malicious code in djurto (npm)
The package djurto was found to contain malicious code...
MAL-2025-16879 Malicious code in checkdig (npm)
The package checkdig was found to contain malicious code...
MAL-2025-17036 Malicious code in cindy-mieayam93-breki (npm)
The package cindy-mieayam93-breki was found to contain malicious code...
MAL-2025-19994 Malicious code in evilunit (npm)
The package evilunit was found to contain malicious code...
MAL-2025-15736 Malicious code in bison-5wkld-cr4yx-ember-project (npm)
The package bison-5wkld-cr4yx-ember-project was found to contain malicious code...
RLSA-2025:9878 Important: libblockdev security update
The libblockdev packages provide a C library with GObject introspection support used for low-level operations on block devices. The library serves as a thin wrapper around plug-ins for specific functionality, such as LVM, Btrfs, LUKS, or MD RAID. Security Fixes: libblockdev: LPE from allowactive ...
RLSA-2025:8958 Moderate: libxml2 security update
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: Out-of-Bounds Read in libxml2 (CVE-2025-32414). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...
GHSA-MQCP-P2HV-VW6X Withdrawn Advisory: Thor can construct an unsafe shell command from library input.
Withdrawn Advisory: This advisory has been withdrawn because the method described can only be used with arguments that are controlled by Thor, and an external attacker cannot access the functionality described in the body of the CVE. This link is maintained to preserve external references. Origina...
BELL-CVE-2025-38254 CVE-2025-38254 does not affect BellSoft software
Bulletin has no description...
UBUNTU-CVE-2025-52496
Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery...
CVE-2024-12915
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Devinim Software Library Software allows Reflected XSS. This issue affects Library Software: before 24.11.02...
PT-2025-27449 · Unknown · Devinim Software Library
Name of the Vulnerable Software and Affected Versions: Devinim Software Library Software versions prior to 24.11.02. Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Reflected XSS attacks...
CVE-2025-37096
A command injection remote code execution vulnerability exists in HPE StoreOnce Software...
CVE-2025-37092
A command injection remote code execution vulnerability exists in HPE StoreOnce Software...
CVE-2025-37091
A command injection remote code execution vulnerability exists in HPE StoreOnce Software...
CLSA-2025-1748638245 python3: Fix of CVE-2024-9287
CVE-2024-9287: fix path names quoting to prevent command injection in virtual environment activation scripts...