MAL-2025-3034 Malicious code in @hongfangze/calc (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 62ce8da37d7e1e8677cceb4a5db36f031470df22a7996162be8d54154076796a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-28891

Cross-Site Request Forgery CSRF vulnerability in jazzigor price-calc price-calc allows Stored XSS.This issue affects price-calc: from n/a through = 0.6.3...

WordPress price-calc plugin <= 0.6.3 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Abdi Pranata in WordPress Plugin price-calc versions = 0.6.3...

CVE-2025-28891

Cross-Site Request Forgery CSRF vulnerability in jazzigor price-calc price-calc allows Stored XSS.This issue affects price-calc: from n/a through = 0.6.3...

CVE-2025-28891 WordPress price-calc plugin <= 0.6.3 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in jazzigor price-calc price-calc allows Stored XSS.This issue affects price-calc: from n/a through = 0.6.3...

CVE-2025-28891

CVE-2025-28891 affects the WordPress price-calc plugin (versions

WordPress plugin price-calc 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mm/mglru: The issue of division by zero in vmpressurecalclevel has been fixed. evictfolios uses a second pass to reclaim folios that have undergone page writeback and become clean before the first pass is completed. This is becau...

DEBIAN-CVE-2024-50233

In the Linux kernel, the following vulnerability has been resolved: staging: iio: frequency: ad9832: fix division by zero in ad9832calcfreqreg In the ad9832writefrequency function, clkgetrate might return 0. This can lead to a division by zero when calling ad9832calcfreqreg. The check if fout...

The vulnerability of the `coarsestscale` variable in the `calc()` and `ocl_calc()` functions of the `dis_flow.cpp` component of the OpenCV library, which is used for computer vision, image processing, and general numerical algorithms. This vulnerability relates to reading data beyond the allowed buffer limits, allowing an attacker to access confidential data and cause service interruptions.

The vulnerability of the coarsestscale parameter in functions calc and oclcalc in the disflow.cpp component of the OpenCV library, which is used for computer vision, image processing, and general numerical algorithms, relates to reading data beyond the allowed buffer size. Exploiting this...

mm/mglru: fix div-by-zero in vmpressure_calc_level()

...

Exploit for OS Command Injection in Php

Incident Response Walkthrough: Mitigating a Zero-Day Attack...

Oracle Linux 9 : libreoffice (ELSA-2024-3835)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3835 advisory. - Fix CVE-2023-6185 escape url passed to gstreamer - Fix CVE-2023-6186 check link target protocols - Resolves: rhbz2210193 CVE-2023-0950 Array Index...

RHEL 5 : openoffice.org (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libreoffice: Bookmarks in DOC documents are insufficiently checked causing memory corruption CVE-2015-521...

libreoffice security fix update

1:5.3.6.1-26.0.1 - adjust color palette to match Redwood style. - Replaced RedHat colors with Oracle colors, and the filename redhat.soc with oracle.soc in specfile - Build with --with-vendor='Oracle America, Inc.' 1:5.3.6.1-26 - Fix CVE-2022-38745 Empty entry in Java class path - Fix CVE-2023-09...

编号撤回

LibreOffice is an open source office software suite from The Document Foundation tdf. The product contains the applications Writer text documents, Calc spreadsheets, and Impress presentations. This CVE number has been withdrawn...

Important: kernel

Issue Overview: An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information. CVE-2023-6606 Affected Packages: kernel Note: This advisory is applicable t...

OESA-2024-1009 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravbremove in drivers/net/ethernet/renesas/ravbmain.c.CVE-2023-35827 An out-of-bounds read vulnerability was found in smbCalcSize in...

DEBIAN-CVE-2023-6606

An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information...

libreoffice: Array index underflow in Calc formula parsing

A vulnerability was found in LibreOffice. Improper validation of the array index in the spreadsheet component of The Document Foundation in LibreOffice allows an attacker to craft a spreadsheet document that causes an array index underflow when loaded. In affected versions of LibreOffice, certain...