7 matches found
GHSA-GV7W-RQVM-QJHR esbuild: Missing binary integrity verification in Deno module enables remote code execution via NPM_CONFIG_REGISTRY
Summary: The esbuild Deno module lib/deno/mod.ts downloads native binary executables from an npm registry and writes them to disk with executable permissions 0o755 without performing any integrity verification (e.g., SHA-256 hash check). The Node.js equivalent lib/npm/node-install.ts includes a robu...
esbuild: Missing binary integrity verification in Deno module enables remote code execution via NPM_CONFIG_REGISTRY
Summary: The esbuild Deno module lib/deno/mod.ts downloads native binary executables from an npm registry and writes them to disk with executable permissions 0o755 without performing any integrity verification (e.g., SHA-256 hash check). The Node.js equivalent lib/npm/node-install.ts includes a robu...
CVE-2025-55582
The CVE-2025-55582 entry concerns D-Link DCS-825L firmware prior to 1.09.02. The flaw is in the watchdog script mydlink-watch-dog.sh, which blindly respawns binaries (notably dcp and signalc) without verifying integrity, authenticity, or permissions. An attacker with local filesystem access (phys...
D-Link DCS-825L Security Vulnerability
The D-Link DCS-825L is a wireless webcam from China AUO D-Link. A security vulnerability exists in the D-Link DCS-825L version 1.08.01 and earlier, which stems from the mydlink-watch-dog.sh script that does not verify binary integrity, which could lead to persistent arbitrary code execution...
SUSE-SU-2020:0948-2 Security update for gmp, gnutls, libnettle
This update for gmp, gnutls, libnettle fixes the following issues: Security issue fixed: - CVE-2020-11501: Fixed zero random value in DTLS client hello (bsc#1168345). FIPS related bugfixes: - FIPS: Install checksums for binary integrity verification, which are required when running in FIPS mode...
Security update for gmp, gnutls, libnettle (moderate)
openSUSE Security Update: Security update for gmp, gnutls, libnettle Announcement ID: openSUSE-SU-2020:0501-1 Rating: moderate References: 1152692 1155327 1166881 1168345 Cross-References: CVE-2020-11501 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has three...
SUSE-SU-2020:0948-1 Security update for gmp, gnutls, libnettle
This update for gmp, gnutls, libnettle fixes the following issues: Security issue fixed: - CVE-2020-11501: Fixed zero random value in DTLS client hello (bsc#1168345). FIPS related bugfixes: - FIPS: Install checksums for binary integrity verification, which are required when running in FIPS mode...