127 matches found

OSSF Malicious Packages
added 2025/09/16 9:31 a.m. | 5 views

Malicious code in @things-factory/email-base (npm)

Suspicious postinstall script executes bundle.js which contains code flagged by YARA rule unsignedbitwisemathexcess, indicating malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6cdc3773013abc63a59090ab3b457bc1e047f7a294edd5f35e6ce43840fc0520 Any computer tha...

AI score: 7.1
Exploits: 0 | References: 7

OSV
added 2025/09/16 7:56 a.m. | 2 views

MAL-2025-47228 Malicious code in remark-preset-lint-crowdstrike (npm)

Suspicious postinstall script executes a file with excessive bitwise math. Likely malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 165b629be2876c01b20135bbf391a92b4ae66e6645b8f390bcbb5373f8d43c5b Any computer that has this package installed or running should...

AI score: 6.8
Exploits: 0 | References: 8

OSSF Malicious Packages
added 2025/09/16 7:55 a.m. | 4 views

Malicious code in eslint-config-crowdstrike (npm)

Suspicious postinstall script executing bundle.js combined with unsignedbitwisemathexcess YARA rule match indicates potential malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d5700b3786b16cd76be2c86bc19af1fd76ac0dbfa6bb16f29e3837fc94598b75 Any computer that...

AI score: 6.8
Exploits: 0 | References: 8

OSSF Malicious Packages
added 2025/09/16 7:54 a.m. | 6 views

Malicious code in eslint-config-crowdstrike-node (npm)

Suspicious postinstall script executing bundle.js with excessive bitwise math indicates malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 40d780d93001ede85edbf1e9b83f884f84ab20fc210cd34a95b114599c01387a Any computer that has this package installed ...

AI score: 6.8
Exploits: 0 | References: 8

OSV
added 2025/09/16 7:54 a.m. | 3 views

MAL-2025-47227 Malicious code in eslint-config-crowdstrike-node (npm)

Suspicious postinstall script executing bundle.js with excessive bitwise math indicates malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 40d780d93001ede85edbf1e9b83f884f84ab20fc210cd34a95b114599c01387a Any computer that has this package installed ...

AI score: 6.8
Exploits: 0 | References: 8

OSV
added 2025/09/16 7:48 a.m. | 3 views

MAL-2025-47218 Malicious code in @crowdstrike/logscale-parser-edit (npm)

Suspicious postinstall script executing bundle.js and bundle.js contains excessive unsigned bitwise math, indicating potential malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ff5e2fca0afc744f9b2cec20ddf740574c42864336447119ed7715555896bde9 Any computer that...

AI score: 6.8
Exploits: 0 | References: 8

Tenable Nessus
added 2025/08/07 12:0 a.m. | 5 views

Linux Distros Unpatched Vulnerability : CVE-2021-3490

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The eBPF ALU32 bounds tracking for bitwise ops AND, OR and XOR in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of boun...

CVSS: 7.8 | AI score: 6.9 | EPSS: 0.27477
Exploits: 8 | References: 2

Snyk
added 2024/12/25 5:39 p.m. | 1 views

Incorrect Bitwise Shift of Integer

Overview Affected versions of this package are vulnerable to Incorrect Bitwise Shift of Integer through the ochufftreeunpack function. Remediation There is no fixed version for theora. References - PoC - Red Hat Bugzilla Bug - Vulnerable Code...

CVSS: 9.8 | AI score: 7 | EPSS: 0.01817
Exploits: 1 | References: 2

Redos
added 2024/09/27 12:0 a.m. | 26 views

ROS-20240927-05

Vulnerability in the afunix component's unixreleasesock/unixstreamsendmsg function is related to competitive access to a resource race condition. Exploitation of the vulnerability could allow an attacker to cause a denial of service. A vulnerability in the drivers/media/test-drivers/vidtv/vidtvpsi...

CVSS: 9.1 | AI score: 7.5 | EPSS: 0.26864
Exploits: 0

CNNVD
added 2024/04/17 12:0 a.m. | 3 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from Bitwise shifts being out of range for its data type...

CVSS: 5.5 | AI score: 6.6 | EPSS: 0.0024
Exploits: 0 | References: 11

0day.today
added 2024/03/18 12:0 a.m. | 428 views

LaborOfficeFree 19.10 - MySQL Root Password Calculator Exploit

Exploit Title: LaborOfficeFree 19.10 MySQL Root Password Calculator - CVE-2024-1346 Exploit Author: Peter Gabaldon - https://pgj11.com/ Vendor Homepage: https://www.laborofficefree.com/ Software Link: https://www.laborofficefree.com/plans Version: 19.10 Tested on: Windows 10 CVE : CVE-2024-1346...

CVSS: 6.8 | AI score: 6.7 | EPSS: 0.00392
Exploits: 5

RedhatCVE
added 2024/02/29 7:3 a.m. | 30 views

CVE-2021-46974

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix masking negation logic upon negative dst register The negation logic for the case where the offreg is sitting in the dst register is not correct given then we cannot just invert the add to a sub or vice versa. As a fix,...

CVSS: 2.3 | AI score: 6.5 | EPSS: 0.00238
Exploits: 0 | References: 4

Code423n4
added 2023/10/06 12:0 a.m. | 12 views

Incorrect functionID will not trigger fallback

Lines of code Vulnerability details Impact When encoding a payload for settlement of multiple tokens, the fallback flag is not set when it should be. This will cause no fallback to be triggered even though the user has paid enough to cover the additional costs that are required. Proof of Concept ...

AI score: 7
Exploits: 0

PyPA
added 2023/09/04 6:15 p.m. | 8 views

PYSEC-2023-167

Vyper is a Pythonic Smart Contract Language. For the following probably non-exhaustive list of expressions, the compiler evaluates the arguments from right to left instead of left to right. unsafeadd, unsafesub, unsafemul, unsafediv, powmod256, |, &, ^ bitwise operators, bitwiseor deprecated,...

CVSS: 5.3 | AI score: 6.8 | EPSS: 0.00418
Exploits: 1 | References: 2 | Affected Software: 1

OSV
added 2023/09/04 6:15 p.m. | 49 views

PYSEC-2023-167

Vyper is a Pythonic Smart Contract Language. For the following probably non-exhaustive list of expressions, the compiler evaluates the arguments from right to left instead of left to right. unsafeadd, unsafesub, unsafemul, unsafediv, powmod256, |, &, ^ bitwise operators, bitwiseor deprecated,...

CVSS: 5.3 | AI score: 6.7 | EPSS: 0.00418
Exploits: 1 | References: 1

Vulnrichment
added 2023/09/04 5:39 p.m. | 9 views

CVE-2023-40015 Vyper: reversed order of side effects for some operations

Vyper is a Pythonic Smart Contract Language. For the following probably non-exhaustive list of expressions, the compiler evaluates the arguments from right to left instead of left to right. unsafeadd, unsafesub, unsafemul, unsafediv, powmod256, |, &, ^ bitwise operators, bitwiseor deprecated,...

CVSS: 3.7 | AI score: 6.4 | EPSS: 0.00418
Exploits: 1 | References: 1

Code423n4
added 2023/07/11 12:0 a.m. | 6 views

Incorrect Bitwise Shift Operation in _validateCall Function

Lines of code Vulnerability details Impact Let's break down this part of the function: if returnedData.length 32 || bytes28bytes32returnedData 32 != bytes280 revert LSP20InvalidMagicValuepostCall, returnedData; This if statement is intended to do two things, as indicated by the two conditions...

AI score: 6.9
Exploits: 0

Tenable Nessus
added 2023/06/07 12:0 a.m. | 25 views

EulerOS Virtualization 2.11.0 : multipath-tools (EulerOS-SA-2023-2098)

According to the versions of the multipath-tools packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction...

CVSS: 7.8 | AI score: 7.4 | EPSS: 0.00658
Exploits: 5 | References: 3

Tenable Nessus
added 2023/06/07 12:0 a.m. | 33 views

EulerOS Virtualization 2.11.1 : multipath-tools (EulerOS-SA-2023-2046)

According to the versions of the multipath-tools packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction...

CVSS: 7.8 | AI score: 7.4 | EPSS: 0.00658
Exploits: 5 | References: 3

Tenable Nessus
added 2023/05/16 12:0 a.m. | 18 views

EulerOS Virtualization 2.10.1 : multipath-tools (EulerOS-SA-2023-1894)

According to the versions of the multipath-tools packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction...

CVSS: 7.8 | AI score: 7.4 | EPSS: 0.00658
Exploits: 5 | References: 3