379 matches found
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001292)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001292 advisory. A memory leak in the i2400moprfkillswtoggle function in drivers/net/wimax/i2400m/op-rfkill.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of...
CVE-2025-68815
In the Linux kernel, the following vulnerability has been resolved: net/sched: ets: Remove drr class from the active list if it changes to strict Whenever a user issues an ets qdisc change command, transforming a drr class into a strict one, the ets code isn't checking whether that class was in t...
EUVD-2025-199460
Malicious code in @oku-ui/toggle-group npm...
EUVD-2025-199461
Malicious code in @oku-ui/toggle npm...
Malicious code in @oku-ui/toggle (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0d0819bf4913c5aabf31547b239ee5407c6e581d71ef7d041451c7f162314c1 The package @oku-ui/toggle was found to contain malicious code. Source: google-open-source-security...
MAL-2025-191278 Malicious code in @oku-ui/toggle (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0d0819bf4913c5aabf31547b239ee5407c6e581d71ef7d041451c7f162314c1 The package @oku-ui/toggle was found to contain malicious code. Source: google-open-source-security...
MAL-2025-191279 Malicious code in @oku-ui/toggle-group (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb7f999444c4458fefe9d248fe0eaf410814ecbb5343107fe992033a61d184f3 The package @oku-ui/toggle-group was found to contain malicious code. Source: google-open-source-security...
PT-2025-47999
The Conditional Maintenance Mode for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing nonce validation when toggling the maintenance mode status. This makes it possible for unauthenticated attackers to...
Prototype Pollution
toggle-array is vulnerable to Prototype Pollution. The vulnerability is due to improper input validation in the enable and disable functions, which allows an attacker to supply a crafted payload and inject properties into the Object.prototype, potentially leading to denial of service DoS or...
EUVD-2025-37412
The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.3.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with Author-level...
CVE-2025-12367
CVE-2025-12367 affects the WordPress SiteSEO – SEO Simplified plugin (versions up to and including 1.3.1). The vulnerability is Missing Authorization: authenticated attackers with Author-level access or higher can enable or disable arbitrary SiteSEO features due to insufficient permission checks....
CVE-2025-12367 SiteSEO – SEO Simplified <= 1.3.1 - Missing Authorization to Authenticated (Author+) Plugin Settings Update
The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.3.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with Author-level...
CVE-2025-12367 SiteSEO – SEO Simplified <= 1.3.1 - Missing Authorization to Authenticated (Author+) Plugin Settings Update
The SiteSEO – SEO Simplified plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.3.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with Author-level...
SUSE-SU-2025:3716-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49980: USB: gadget: fix use-after-free read in usbudcuevent bsc1245110. - CVE-2022-50233: Bluetooth: eir: Fix using strlen with hdev-devname,shortname...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: dde-daemon (UTSA-2025-986194)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986194 advisory. desktop-toggle5.13.84-1x8664 1 Tenable has extracted the preceding description block directly from the Unity Linux security advisory. Note that Nessus has not tested...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: dde-daemon (UTSA-2025-986196)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986196 advisory. desktop-toggle5.13.84-1aarch64 1 Tenable has extracted the preceding description block directly from the Unity Linux security advisory. Note that Nessus has not test...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: dde-daemon (UTSA-2025-986195)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986195 advisory. desktop-toggle5.13.84-1x8664 3 Tenable has extracted the preceding description block directly from the Unity Linux security advisory. Note that Nessus has not tested...
EUVD-2019-5927
Malware in sbrugna...
EUVD-2016-6125
Malware in sbrugna...
EUVD-2023-57838
Malicious code in bioql PyPI...