3975 matches found
MAL-2025-16458 Malicious code in callback-kardashevscale-dynamo-hyperion (npm)
The package callback-kardashevscale-dynamo-hyperion was found to contain malicious code...
MAL-2025-16457 Malicious code in callback-elektra-carpo-ini (npm)
The package callback-elektra-carpo-ini was found to contain malicious code...
Malicious code in callback-cross-env-technosignature-ganymede (npm)
The package callback-cross-env-technosignature-ganymede was found to contain malicious code...
Malicious code in callback_test_package (npm)
The package callback_test_package was found to contain malicious code...
Malicious code in rocket-callback-bellatrix-typeorm (npm)
The package rocket-callback-bellatrix-typeorm was found to contain malicious code...
MAL-2025-16460 Malicious code in callback_test_package (npm)
The package callback_test_package was found to contain malicious code...
MAL-2025-33724 Malicious code in spectron-on-callback-colors (npm)
The package spectron-on-callback-colors was found to contain malicious code...
SUSE CVE-2025-55160
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in sanitizer builds), wit...
UBUNTU-CVE-2025-55160
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in sanitizer builds), wit...
CVE-2025-55160
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in sanitizer builds), wit...
OSV-2025-622 Heap-buffer-overflow in cc_storage_append
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=437855564 Crash type: Heap-buffer-overflow READ 1 Crash state: cc_storage_append ParseSEICallback HxxxParseSEI...
Linux Distros Unpatched Vulnerability : CVE-2022-3697
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Ansible in the amazon.aws collection when using the tower_callback parameter from the amazon.aws.ec2_instance module. This flaw allows an...
ROS-20250812-07
A vulnerability in the amazon.aws.ec2_instance module of Ansible configuration management is related to an error in the handling of the tower_callback parameter. Exploitation of the vulnerability allows an attacker acting remotely to gain access to sensitive data...
Linux Distros Unpatched Vulnerability : CVE-2025-38127
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ice: fix Tx scheduler error handling in XDP callback When the XDP program is loaded, the XDP callback adds new Tx queues. This means that the callback must upda...
Improper Removal of Sensitive Information Before Storage or Transfer
Overview: Affected versions of this package are vulnerable to Improper Removal of Sensitive Information Before Storage or Transfer via the uefi_vars_write function. The UEFI_VARS_REG_PIO_BUFFER_TRANSFER register is not cleared between write callbacks with uefi_vars_write and read callbacks with uefi_vars_rea...
Linux Distros Unpatched Vulnerability : CVE-2024-41149
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: block: avoid to reuse hctx not removed from cpuhp callback list If the 'hctx' isn't removed...
Linux Distros Unpatched Vulnerability : CVE-2022-49976
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: platform/x86: x86-android-tablets: Fix broken touchscreen on Chuwi Hi8 with Windows BIOS The...
Linux Distros Unpatched Vulnerability : CVE-2022-50163
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ax25: fix incorrect dev_tracker usage While investigating a separate rose issue [1], and enabling CONFIG_NET_DEV_REFCNT_TRACKER=y, Bernard reported an orthogonal ax25...
Linux Distros Unpatched Vulnerability : CVE-2024-45337
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization...
Linux Distros Unpatched Vulnerability : CVE-2025-22025
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nfsd: put dl_stid if fail to queue dl_recall Before calling nfsd4_run_cb to queue dl_recall to the callback_wq, we increment the reference count of dl_stid. We expect...