386 matches found
Malicious code in abi-encode (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector afc61427f74a028242a032b9436c09c43b1df60fef5688aa5389ef107e899259 The package advertises ABI encoding but on require schedules a 37-second timer that decodes test/fixtures/keypairs.dat base64-encoded stealer, staged...
nginx:1.24 security, bug fix, and enhancement update
An update is available for nginx, module.nginx. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list nginx is a web and proxy server supporting HTTP and other...
Important: Red Hat Security Advisory: nginx:1.24 security, bug fix, and enhancement update
An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Malicious code in solc-abi (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a5ecbb6619ae13314417faab35b315155c9a55f98dfdb707fe44edfe1f7e7356 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview solc-abi is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
MAL-2026-5512 Malicious code in solc-abi (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a5ecbb6619ae13314417faab35b315155c9a55f98dfdb707fe44edfe1f7e7356 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in solidity-abi (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d00c844413b4c809e5d57d1952a17f67f2c72324fd379c91d5fdd8aa3fdd9da9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview solidity-abi is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Unbreakable Enterprise kernel security update
6.12.0-203.76.7.3 - arm64: errata: Mitigate TLBI errata on various Arm CPUs Mark Rutland Orabug: 39017589 CVE-2025-10263 - arm64: tlb: Add ARM64WORKAROUNDREPEATTLBISYNC Mark Rutland Orabug: 39017589 - arm64: tlb: allow XZR argument to TLBI ops Mark Rutland Orabug: 39017589 - arm64: cputype: Add...
CLSA-2026-1780132159 Fix of 7 CVEs
CVE-2026-23193 - scsi: target: iscsi: Fix use-after-free in iscsitdecsessionusagecount CVE-2026-23193 CVE-2025-71093 - e1000: fix OOB in e1000tbishouldaccept CVE-2025-71093 CVE-2025-71116 - libceph: make decodepool more resilient against corrupted osdmaps CVE-2025-71116 CVE-2025-71136 - media:...
CLSA-2026-1779202006 Fix CVE(s): CVE-2026-43284, CVE-2026-46300, CVE-2026-46333
Ubuntu: 4.15.0-256.267 CVE-2026-46333 - ptrace: require CAPSYSPTRACE when task has no mm CVE-2026-46333 CVE-2026-46300 - net: skbuff: propagate shared-frag marker through copy/coalesce/gro/shift paths CVE-2026-46300 CVE-2026-43284 - xfrm: esp: avoid in-place decrypt on shared skb frags...
WordPress Charitable – Donation Plugin for WordPress – Fundraising with Recurring Donations & More plugin <= 1.8.10.4 - Authenticated (Custom+) SQL Injection vulnerability
Authenticated Custom+ SQL Injection vulnerability discovered by Abi Wiranata in WordPress Plugin Charitable versions = 1.8.10.4...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012963)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012963 advisory. In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix buffer overflow in transstatshow Fix buffer overflow in transstatshow. Convert...
OPENSUSE-SU-2026:20572-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-39998: scsi: target: targetcoreconfigfs: Add length check to avoid buffer overflow bsc1252073. - CVE-2025-40253: s390/ctcm: Fix double-kfree bsc1255084. -...
abi-ds-utils (=1.0.1), acceldata-o2a (=1.0.0) +156 more potentially affected by CVE-2026-25219 via apache-airflow (>=1.8.2 <=3.1.7)
apache-airflow PYPI version =1.8.2, =0.8.44.4, =1.4.0.3.post4, =1.4.0.3.post3, =0.1.0rc3, =0.1.0, =0.2.1, =0.2.9b1, =0.4.0, =0.1.0a1, =0.6.0, =0.1.1, =0.6.4 and more Source cves: CVE-2026-25219 Source advisory: OSV:GHSA-4G48-54Q2-FG7Q...
Malicious code in @abi-labs-frontend/standards (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a60eba79d2fd49b58fb2a2073d2b7c87f66c1ad781bc1a6137962f9b5e772449 The package @abi-labs-frontend/standards was found to contain malicious code...
MAL-2026-2329 Malicious code in @abi-labs-frontend/standards (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a60eba79d2fd49b58fb2a2073d2b7c87f66c1ad781bc1a6137962f9b5e772449 The package @abi-labs-frontend/standards was found to contain malicious code...
Abi-smuggling-exploit
Web3 Security Research Portfolio A collection of smart contra...
2m (=1.2.5), a-api-server (=1.3.0) +3876 more potentially affected by CVE-2026-27205 via flask (>=0.10.1 <=3.1.2)
flask PYPI version =0.10.1, =0.1.0, =0.10.0, =1.0.2, =1.0.0, =1.0.5, =1.8.8, =1.0.2, =0.3.1, =0.3.7.dev2 and more Source cves: CVE-2026-27205 Source advisory: OSV:GHSA-68RP-WP8R-4726...
PyO3 has type confusion when accessing data from sublasses of subclasses of native types with `abi3` feature
PyO3 0.28.1 added support for pyclassextends=PyList struct NativeSub and other native types when targeting Python 3.12 and up with the abi3 feature. It was discovered that subclasses of such classes would use the type of the subclass when attempting to access to data of NativeSub contained within...