Lucene search
K

2834 matches found

vulnersOsv
vulnersOsv
added 2026/05/18 9:0 p.m.5 views

@2nova/wu-ui (>=1.1.0 <=1.3.12), @action.sustainability/storybook-dashboard (>=0.1.1 <=0.1.5) +824 more potentially affected by unknown CVE via @antv/color-util (=2.0.6)

@antv/color-util NPM version =2.0.6 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/color-util and may be impacted: - @2nova/wu-ui =1.1.0, =0.1.1, =0.1.1, =0.1.0, =0.0.2, =0.1.2, =1.0.0, =1.1.15, =1.0.4, =0.1.5, =1.0.0, =0.0.1, =1.0.2,...

5.7AI score
Exploits0
SUSE Linux
SUSE Linux
added 2026/05/18 8:8 a.m.12 views

Security update for util-linux

This update for util-linux fixes the following issue CVE-2026-27456: TOCTOU in the mount program when setting up loop devices bsc1261606. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can r...

4.7CVSS5.8AI score0.00118EPSS
Exploits1References4
OSV
OSV
added 2026/05/18 8:8 a.m.7 views

SUSE-SU-2026:1962-1 Security update for util-linux

This update for util-linux fixes the following issue - CVE-2026-27456: TOCTOU in the mount program when setting up loop devices bsc1261606...

4.7CVSS5.8AI score0.00118EPSS
Exploits1References3
Snyk
Snyk
added 2026/05/18 5:31 a.m.8 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the UERadioCapabilityCheckResponse function in the dispatcher.go file. An attacker can cause a denial of service by sending specially crafted remote requests that trigger a null pointer dereference...

5.3CVSS5.8AI score0.00398EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 3:47 a.m.7 views

Out-of-Bounds

Overview Affected versions of this package are vulnerable to Out-of-Bounds via an unknown function of the file ngap/dispatcher.go of the component NGAP Message Handler. The manipulation leads to memory corruption. The attack may be initiated remotely. The exploit is publicly available and might b...

5.3CVSS5.5AI score0.00303EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 3:45 a.m.7 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the function RANConfiguration of the file ngap/handler.go. The manipulation results in null pointer dereference. The attack may be launched remotely. The exploit has been released to the public and may be us...

5.3CVSS5.5AI score0.00303EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/05/15 6:30 p.m.6 views

com.datasqrl:sqrl-discovery (>=0.9.0 <=0.10.4), com.datasqrl:sqrl-planner (>=0.9.0 <=0.10.4) +6 more potentially affected by CVE-2026-35194 via org.apache.flink:flink-table-planner_2.12 (=2.2.0)

org.apache.flink:flink-table-planner2.12 MAVEN version =2.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.flink:flink-table-planner2.12 and may be impacted: - com.datasqrl:sqrl-discovery =0.9.0, =0.9.0, =0.9.0, =0.2.0, =0.2.0, =0.2.0,...

8.1CVSS5.4AI score0.00381EPSS
Exploits0
Snyk
Snyk
added 2026/05/15 10:40 a.m.9 views

Malicious Package

Overview npm-global-util is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/13 8:8 p.m.15 views

Malicious code in web3-helpers (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8d6102ae402b2583a01da47e71f41cccba99fb7826dcf360004d8924557e1760 During installation, package exfiltrates some basic info to a GitHub issue comment, and then attempt to set up a persistent infostealer focused on exfiltrating...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/13 8:5 p.m.13 views

Malicious code in aiohttp-util (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b5a826a64a0405306b51cd85239237982278e758bc8109e7da521e15f003ca6e During installation, package exfiltrates some basic info to a GitHub issue comment, and then attempt to set up a persistent infostealer focused on exfiltrating...

6AI score
Exploits0References1
OSV
OSV
added 2026/05/13 8:5 p.m.7 views

MAL-2026-3699 Malicious code in aiohttp-util (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b5a826a64a0405306b51cd85239237982278e758bc8109e7da521e15f003ca6e During installation, package exfiltrates some basic info to a GitHub issue comment, and then attempt to set up a persistent infostealer focused on exfiltrating...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/13 8:3 p.m.12 views

Malicious code in alembic-util (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8e9b764ee0ccd6a2c6c2db1b7722f083ee9f643cb99d03821d5e6571f68db253 During installation, package exfiltrates some basic info to a GitHub issue comment, and then attempt to set up a persistent infostealer focused on exfiltrating...

6AI score
Exploits0References1
OSV
OSV
added 2026/05/13 8:3 p.m.6 views

MAL-2026-3700 Malicious code in alembic-util (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8e9b764ee0ccd6a2c6c2db1b7722f083ee9f643cb99d03821d5e6571f68db253 During installation, package exfiltrates some basic info to a GitHub issue comment, and then attempt to set up a persistent infostealer focused on exfiltrating...

6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/13 3:24 p.m.18 views

Malicious code in rich-util (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cc191d72f2f92d966897d0f635b53afecd9a62e8b63de13fff125a00377fcb63 Package installs persistent malware acting as Rat, with the focus of stealing data and modifying copied cryptowallet addresses. --- Category: MALICIOUS - The...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/13 3:24 p.m.7 views

MAL-2026-3659 Malicious code in rich-util (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cc191d72f2f92d966897d0f635b53afecd9a62e8b63de13fff125a00377fcb63 Package installs persistent malware acting as Rat, with the focus of stealing data and modifying copied cryptowallet addresses. --- Category: MALICIOUS - The...

5.8AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.9 views

Unity Linux 20.1060e / 20.1070e Security Update: util-linux (UTSA-2026-017413)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017413 advisory. An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a...

5.5CVSS6.1AI score0.00661EPSS
Exploits1References4
OSV
OSV
added 2026/05/09 12:30 p.m.10 views

OESA-2026-2211 util-linux security update

The util-linux package contains a random collection of files that implements some low-level basic linux utilities. Security Fixes: util-linux is a random collection of Linux utilities. Prior to version 2.41.4, a TOCTOU Time-of-Check-Time-of-Use vulnerability has been identified in the SUID binary...

4.7CVSS5.7AI score0.00118EPSS
Exploits1References2
CBLMariner
CBLMariner
added 2026/05/09 3:31 a.m.10 views

CVE-2026-27456 affecting package util-linux for versions less than 2.40.2-4

CVE-2026-27456 affecting package util-linux for versions less than 2.40.2-4. A patched version of the package is available...

4.7CVSS5.8AI score0.00118EPSS
Exploits1
CBLMariner
CBLMariner
added 2026/05/09 3:31 a.m.16 views

CVE-2026-3184 affecting package util-linux for versions less than 2.40.2-4

CVE-2026-3184 affecting package util-linux for versions less than 2.40.2-4. A patched version of the package is available...

5.3CVSS5.8AI score0.00436EPSS
Exploits0
OSV
OSV
added 2026/05/07 3:54 a.m.6 views

GHSA-QCP4-V2JJ-FJX8 vm2 has a Sandbox Escape Vulnerability

Summary It is possible to reach BaseHandler.getPrototypeOf, which can be used to get arbitrary prototypes Details https://github.com/patriksimek/vm2/blob/408fc855f1cc1bbc2985b029465ee0e732ada433/lib/bridge.jsL655-L658 BaseHandler can be reached via util.inspect same as...

10CVSS6.1AI score0.00815EPSS
Exploits1References5
Rows per page
Query Builder