18104 matches found
CVE-2025-65000 Exposure of SSH Private Keys in Remote Alert Handlers (Linux) Rule
SSH private keys of the "Remote alert handlers Linux" rule were exposed in the rule page's HTML source in Checkmk = 2.4.0p18 and all versions of Checkmk 2.3.0. This potentially allowed unauthorized triggering of predefined alert handlers on hosts where the handler was deployed...
CVE-2025-65000
CVE-2025-65000 affects Checkmk (Linux Remote alert handlers rule). SSH private keys were exposed in the HTML source of the rule page for Checkmk 2.3.0 and all versions up to 2.4.0p18, potentially allowing unauthorized triggering of predefined alert handlers on affected hosts. The Red Hat, NVD, Ub...
CVE-2025-60062
creationtimestamp| type| source ---|---|--- 2025-12-18 09:49:20+00:00| seen| https://gist.github.com/Darkcrai86/a4aae3d5fbfa6cbe0add53dd7cad1a26 2025-12-18 16:56:22+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mabnfm3kma2c...
Checkmk 安全漏洞
Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk version 2.4.0p18 and earlier, which stems from the exposure of an SSH private key in the HTML source code of the rules page, which could lead to the unauthorized triggering of a predefined alert...
PT-2025-52229
SSH private keys of the "Remote alert handlers Linux" rule were exposed in the rule page's HTML source in Checkmk = 2.4.0p18 and all versions of Checkmk 2.3.0. This potentially allowed unauthorized triggering of predefined alert handlers on hosts where the handler was deployed...
EUVD-2025-203893
Malicious code in xbox-bottomnav npm...
CVE-2025-40353
In the Linux kernel, the following vulnerability has been resolved: arm64: mte: Do not warn if the page is already tagged in copyhighpage The arm64 copyhighpage assumes that the destination page is newly allocated and not MTE-tagged PGmtetagged unset and warns accordingly. However, following comm...
Malicious Package
Overview mona-speedy-components is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...
CVE-2025-68054
creationtimestamp| type| source ---|---|--- 2025-12-16 09:29:05+00:00| seen| https://gist.github.com/Darkcrai86/cd0e02e5dff5aa17579ba8fe5175a78b...
Linux Distros Unpatched Vulnerability : CVE-2025-40350
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5e: RX, Fix generating skb from non-linear xdpbuff for striding RQ XDP programs can change the layout of an xdpbuff through bpfxdpadjusttail and...
CVE-2025-57919
creationtimestamp| type| source ---|---|--- 2025-12-15 12:58:40+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/al25-019-vulnerabilities-impacting-fortinet-products-forticloud-sso-login-authentication-bypass-cve-2025-59718-cve-2025-59719...
CVE-2025-9116
creationtimestamp| type| source ---|---|--- 2025-12-15 08:55:30+00:00| seen| https://gist.github.com/Darkcrai86/1dd1e83c9642f7f4e5319c0dcd70ef79...
MAL-2025-192569 Malicious code in @ikarem/telemetry (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e43d2a07b55a1387aa741edace01850ec9f79a58baac8ee1897610e2b8e77cb8 The package @ikarem/telemetry was found to contain malicious code. Source: ghsa-malware...
Remote Code Execution (RCE)
Apache DolphinScheduler is vulnerable to Remote Code Execution RCE. The vulnerability is due to insufficient validation of user input in alert scripts, which allows an attacker to execute arbitrary shell scripts on the server...
CVE-2025-13988
creationtimestamp| type| source ---|---|--- 2025-12-12 08:20:24+00:00| seen| https://gist.github.com/Darkcrai86/9a25adcfffb25255d6578edf1a60529c...
@cedarjs/api-server (>=1.0.0-canary.12863 <=3.0.0-canary.13332), @cedarjs/cli (>=1.0.0-canary.12863 <=3.0.0-canary.13332) +10 more potentially affected by CVE-2025-55183 +1 more via react-server-dom-webpack (>=19.2.1 <=19.2.3)
react-server-dom-webpack NPM version =19.2.1, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863, =1.0.0-canary.12863,...
CVE-2025-14535
creationtimestamp| type| source ---|---|--- 2025-12-11 19:50:17+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115702668769020088 2025-12-12 01:35:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/115704026118128056 2025-12-12 01:35:30+00:00| seen|...
MAL-2025-192469 Malicious code in elf-stats (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b7b7a4081b3aa00f994d66d878c0f544fcaed5b0ee74de8eae16043cbd88d1d7 The package elf-stats was found to contain malicious code. Source: ghsa-malware 15660e6264c00ad0f4cbbb11fdecdfae1a3bc0079b021fc5d764a6eede92628f Any...
Malicious code in elf-stats-rooftop-wishlist-723 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fcbd1b32a8c043a4ffa56ddea354e9380466ad48a486654e7c7ee0581a4684f The package elf-stats-rooftop-wishlist-723 was found to contain malicious code...
EUVD-2025-202824
Malicious code in elf-stats-cheery-northstar-345 npm...