MAL-2025-192435 Malicious code in loguru-utf8 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e20933ac001bbe12fd7962f9e12208f3224c836f3deba7669a649165232e0b78 Package clones a popular package loguru, jsonschema, .... While it claims to have some additional features, the real change is an added compiled native library...

[SECURITY] Fedora 43 Update: imhex-1.37.4-3.fc43

ImHex is a Hex Editor, a tool to display, decode and analyze binary data to reverse engineer their format, extract informations or patch values in them. What makes ImHex special is that it has many advanced features that can often only be found in paid applications. Such features are a completely...

Apache Commons FileUpload JAR Detection

Binary data apachecommonsfileuploadjardetect.nbin...

Microsoft Windows 10 22H2 ESU Status Check

Binary data wmiwin1022h2esustatus.nbin...

SiYuan vulnerable to RCE via zip slip and Command Injection via PandocBin

Summary Siyuan is vulnerable to RCE. The issue stems from a "Zip Slip" vulnerability during zip file extraction, combined with the ability to overwrite system executables and subsequently trigger their execution. Steps to reproduce 1. Authenticate 2. Create zip slip payload with path traversal...

GHSA-4R66-7RCV-X46X SiYuan vulnerable to RCE via zip slip and Command Injection via PandocBin

Summary Siyuan is vulnerable to RCE. The issue stems from a "Zip Slip" vulnerability during zip file extraction, combined with the ability to overwrite system executables and subsequently trigger their execution. Steps to reproduce 1. Authenticate 2. Create zip slip payload with path traversal...

Progress Telerik Document Processing Libraries Installed (Windows)

Binary data progresstelerikdocumentprocessinglibrarieswininstalled.nbin...

BIT-MONGODB-2025-13507 Time-series operations may cause internal BSON size limit to be exceed

Inconsistent object size validation in time series processing logic may result in later processing of oversized BSON documents leading to an assert failing and process termination. This issue impacts MongoDB Server v7.0 versions prior to 7.0.26, v8.0 versions prior to 8.0.16 and MongoDB server v8...

BloodFang

🩸 BloodFang !Versionhttps://img.shields.io/badge/version-1...

rConfig WebUI Detection

Binary data rconfigservicedetect.nbin...

CVE-2025-57199

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the NetFailDetectD binary. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

Improper Check for Unusual or Exceptional Conditions

Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Improper Check for Unusual or Exceptional Conditions in the HTTPAPIServer::GetContentLength function in the HTTP server...

Improper Validation of Specified Quantity in Input

Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input n the EVBufferToJson function in the HTTP server component. An...

Exploit for CVE-2024-32019

The ndsudo vulnerability allows an attacker to gain root permiss...

CVE-2025-57199

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the NetFailDetectD binary. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

CVE-2025-57199

AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003 was discovered to contain an authenticated command injection vulnerability in the NetFailDetectD binary. This vulnerability allows attackers to execute arbitrary commands via a crafted input...

CVE-2025-57199

The CVE-2025-57199 entry concerns AVTECH SECURITY Corporation DGM1104 FullImg-1015-1004-1006-1003, where an authenticated command injection vulnerability exists in the NetFailDetectD binary. The Red Hat and NVD records describe an authenticated command injection that lets an attacker execute arbi...

FreeBSD : MongoDB -- Reachable Assertion (e72ec9c1-ced4-11f0-a958-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e72ec9c1-ced4-11f0-a958-b42e991fc52e advisory. https://jira.mongodb.org/browse/SERVER-101180 reports: MongoDB Server may experience an invariant failu...

Oracle Linux 10 : ELSA-2025-20478-0: / zziplib (ELSA-2025-204780)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-204780 advisory. 0.13.78-2 - Fix directory traversal in unzip binary - Disable the CVE tests during the check phase - the reproducers for these are downloaded from the github...

FreeBSD : MongoDB -- Improper Validation of Specified Quantity in Input (ea64d2ec-ced4-11f0-a958-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the ea64d2ec-ced4-11f0-a958-b42e991fc52e advisory. https://jira.mongodb.org/browse/SERVER-108565 reports: Inconsistent object size validation in time seri...