151 matches found
FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell. According to Palo Alto Networks Unit 42, the campaign is said to be the next stage of a previously reported activity cluster dubbed...
WordPress Contact List plugin <= 3.0.18 - Authenticated (Contributor+) Stored Cross-Site Scripting via '_cl_map_iframe' Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'clmapiframe' Parameter vulnerability discovered by Tharadol Suksamran d3kc4rt1 in WordPress Plugin Contact List versions = 3.0.18...
PT-2026-26720
The Contact List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ' cl map iframe' parameter in all versions up to, and including, 3.0.18. This is due to insufficient input sanitization and output escaping when handling the Google Maps iframe custom field. The...
MAL-2026-1579 Malicious code in nf-cl-ls (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05a649ee3bcabdbceb5c56f4056dda77174867deaa1600f8a196792cc6c1356c The package nf-cl-ls was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in nf-cl-ls (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 05a649ee3bcabdbceb5c56f4056dda77174867deaa1600f8a196792cc6c1356c The package nf-cl-ls was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in nf-cl-logger-test2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7f92e72b8e76efdc1d671f13821d881ac58ea36208cd948bad66d2650e63492 The package nf-cl-logger-test2 was found to contain malicious code...
MAL-2026-1799 Malicious code in nf-cl-logger-test2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c7f92e72b8e76efdc1d671f13821d881ac58ea36208cd948bad66d2650e63492 The package nf-cl-logger-test2 was found to contain malicious code...
MAL-2026-1798 Malicious code in nf-cl-logger-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3215a4f0e3f4b33553d866c95c85ddbd61038f8cc37123818021c3307801abf0 The package nf-cl-logger-test was found to contain malicious code...
Malicious code in nf-cl-logger-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3215a4f0e3f4b33553d866c95c85ddbd61038f8cc37123818021c3307801abf0 The package nf-cl-logger-test was found to contain malicious code...
SUSE CVE-2026-23105
In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfromag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq...
CVE-2026-23105
In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfromag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq...
UBUNTU-CVE-2026-23105
In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfromag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq...
EUVD-2026-5436
In the Linux kernel, the following vulnerability has been resolved: net/sched: qfq: Use clisactive to determine whether class is active in qfqrmfromag This is more of a preventive patch to make the code more consistent and to prevent possible exploits that employ child qlen manipulations on qfq...
MAL-2026-611 Malicious code in mbo-letters-cl (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d367723532d1a3f90f88a1d23230230dafb47b5f26a68af29aafda36084f5417 The package mbo-letters-cl was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in mbo-letters-cl (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d367723532d1a3f90f88a1d23230230dafb47b5f26a68af29aafda36084f5417 The package mbo-letters-cl was found to contain malicious code. Source: ossf-package-analysis...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003267)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003267 advisory. The vc4getbcl function in drivers/gpu/drm/vc4/vc4gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002808)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002808 advisory. Integer overflow in the vc4getbcl function in drivers/gpu/drm/vc4/vc4gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a...
CVE-2022-31021
Ursa is a cryptographic library for use with blockchains. A weakness in the Hyperledger AnonCreds specification that is not mitigated in the Ursa and AnonCreds implementations is that the Issuer does not publish a key correctness proof demonstrating that a generated private key is sufficient to...
CVE-2025-52538
Improper input validation within the XOCL driver may allow a local attacker to generate an integer overflow condition, potentially resulting in loss of confidentiality or availability...
CVE-2025-0005
AMD XOCL driver (OpenCL) within the AMD XRT framework is affected by CVE-2025-0005 due to improper input validation, enabling a local overflow that can crash the system or cause a denial of service. Root cause: input validation flaw in XOCL. Impact: local attacker could trigger crash/DoS with low...