Lucene search

264 matches found

EUVD
added 2025/11/24 10:35 p.m., 5 views

EUVD-2025-199211

Malicious code in get-them-args npm...

6.6 AI score
Exploits: 0, References: 1

OSSF Malicious Packages
added 2025/11/24 10:35 p.m., 9 views

Malicious code in get-them-args (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1885f72a03b5b12ad9795b819da4d8cbd92b5985848b3f9a057afd389de5a8f8 The package get-them-args was found to contain malicious code. Source: ghsa-malware d70e3f04273d02fdaa9555197354a75aba13abe81a22763a353d47db93ce9b32...

6.9 AI score
Exploits: 0, References: 4

OSV
added 2025/11/24 10:35 p.m., 3 views

MAL-2025-191103 Malicious code in get-them-args (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1885f72a03b5b12ad9795b819da4d8cbd92b5985848b3f9a057afd389de5a8f8 The package get-them-args was found to contain malicious code. Source: ghsa-malware d70e3f04273d02fdaa9555197354a75aba13abe81a22763a353d47db93ce9b32...

6.8 AI score
Exploits: 0, References: 4

Tenable Nessus
added 2025/11/05 12:00 a.m., 5 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989207)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989207 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: prevent underflow in nfssvc_decode_writeargs. Smatch complains: fs/nfsd/nfsxdr.c:341...

5.5 CVSS, 5.9 AI score, 0.00252 EPSS
Exploits: 0, References: 4

NVD
added 2025/10/28 12:15 p.m., 3 views

CVE-2025-40036

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix possible map leak in fastrpc_put_args. copy_to_user failure would cause an early return without cleaning up the fdlist, which has been updated by the DSP. This could lead to map leak. Fix this by redirecting to a...

0.00197 EPSS
Exploits: 0, References: 5

Cvelist
added 2025/10/28 11:48 a.m., 6 views

CVE-2025-40036 misc: fastrpc: fix possible map leak in fastrpc_put_args

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix possible map leak in fastrpc_put_args. copy_to_user failure would cause an early return without cleaning up the fdlist, which has been updated by the DSP. This could lead to map leak. Fix this by redirecting to a...

0.00197 EPSS
Exploits: 0, References: 5

Debian CVE
added 2025/10/28 11:48 a.m., 3 views

CVE-2025-40036

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix possible map leak in fastrpc_put_args. copy_to_user failure would cause an early return without cleaning up the fdlist, which has been updated by the DSP. This could lead to map leak. Fix this by redirecting to a...

5.2 AI score, 0.00197 EPSS
Exploits: 0

EUVD
added 2025/10/28 11:48 a.m., 4 views

EUVD-2025-36492

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: fix possible map leak in fastrpc_put_args. copy_to_user failure would cause an early return without cleaning up the fdlist, which has been updated by the DSP. This could lead to map leak. Fix this by redirecting to a...

5.8 AI score, 0.00197 EPSS
Exploits: 0, References: 6

RedhatCVE
added 2025/10/07 5:35 p.m., 5 views

CVE-2025-10547

An uninitialized variable in the HTTP CGI request arguments processing component of Vigor Routers running DrayOS may allow an attacker the ability to perform RCE on the appliance through memory corruption...

8.8 CVSS, 6.9 AI score, 0.00574 EPSS
Exploits: 0, References: 1

EUVD
added 2025/10/07 12:30 a.m., 7 views

EUVD-2016-3423

Malware in sbrugna...

9.8 CVSS, 8.7 AI score, 0.05187 EPSS
Exploits: 2, References: 8

Tenable Nessus
added 2025/10/07 12:00 a.m., 1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986686)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986686 advisory. In the Linux kernel, the following vulnerability has been resolved: net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings. In qlcnic_83xx_add_rings,...

5.5 CVSS, 6.1 AI score, 0.00251 EPSS
Exploits: 0, References: 4

EUVD
added 2025/10/03 8:07 p.m., 4 views

EUVD-2025-4966

Malicious code in bioql PyPI...

6.6 AI score
Exploits: 0, References: 2

EUVD
added 2025/10/03 8:07 p.m., 4 views

EUVD-2025-28936

Malicious code in bioql PyPI...

6.3 AI score, 0.00144 EPSS
Exploits: 0, References: 7

EUVD
added 2025/10/03 8:07 p.m., 5 views

EUVD-2022-4566

Malicious code in bioql PyPI...

8.8 CVSS, 8.6 AI score, 0.01859 EPSS
Exploits: 1, References: 3

EUVD
added 2025/10/03 8:07 p.m., 6 views

EUVD-2025-28842

Malicious code in bioql PyPI...

4.8 CVSS, 4.3 AI score, 0.00223 EPSS
Exploits: 1, References: 6

GitHub Security Blog
added 2025/09/29 5:51 p.m., 8 views

j178/prek-action vulnerable to arbitrary code injection in composite action

Summary: There are three potential attacks of arbitrary code injection vulnerability in the composite action at action.yml. Details: The GitHub Action variables inputs.prek-version, inputs.extra_args, and inputs.extra-args can be used to execute arbitrary code in the context of the action. PoC yaml ...

8 AI score
Exploits: 0, References: 3, Affected Software: 1

OSV
added 2025/09/29 5:51 p.m., 4 views

GHSA-PWF7-47C3-MFHX j178/prek-action vulnerable to arbitrary code injection in composite action

Summary: There are three potential attacks of arbitrary code injection vulnerability in the composite action at action.yml. Details: The GitHub Action variables inputs.prek-version, inputs.extra_args, and inputs.extra-args can be used to execute arbitrary code in the context of the action. PoC yaml ...

9.9 CVSS, 8 AI score
Exploits: 0, References: 3

RedhatCVE
added 2025/09/27 4:46 p.m., 19 views

CVE-2025-59844

SonarQube Server and Cloud is a static analysis solution for continuous code quality and security inspection. A command injection vulnerability exists in SonarQube GitHub Action in version 4.0.0 to before version 6.0.0 when workflows pass user-controlled input to the args parameter on Windows...

7.7 CVSS, 7.8 AI score, 0.01507 EPSS
Exploits: 0, References: 1

Vulnrichment
added 2025/09/26 4:24 p.m., 18 views

CVE-2025-59844 Argument injection vulnerability in SonarQube Scan Action

SonarQube Server and Cloud is a static analysis solution for continuous code quality and security inspection. A command injection vulnerability exists in SonarQube GitHub Action in version 4.0.0 to before version 6.0.0 when workflows pass user-controlled input to the args parameter on Windows...

7.7 CVSS, 7.4 AI score, 0.01507 EPSS
Exploits: 0, References: 3

Cvelist
added 2025/09/26 4:24 p.m., 20 views

CVE-2025-59844 Argument injection vulnerability in SonarQube Scan Action

SonarQube Server and Cloud is a static analysis solution for continuous code quality and security inspection. A command injection vulnerability exists in SonarQube GitHub Action in version 4.0.0 to before version 6.0.0 when workflows pass user-controlled input to the args parameter on Windows...

7.7 CVSS, 0.01507 EPSS
Exploits: 0, References: 3