Malicious Package

Overview @activationcode/error is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in @activation_code/error (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fec73b17468bf333bb1bf6a071209103b774e371dfbf9961ad522dbd006fff7d The package @activationcode/error was found to contain malicious code. Source: ghsa-malware...

CVE-2020-10993

Osmand through 2.0.0 allow XXE because of binary/BinaryMapIndexReader.java...

EUVD-2025-5423

Malicious code in bioql PyPI...

EUVD-2024-26743

Malicious code in bioql PyPI...

EUVD-2023-39671

Malicious code in bioql PyPI...

Google Android elevation of privilege vulnerability (CNVD-2025-19984)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by a logic error in the main.cpp main code. The vulnerability can be exploited by an attacker to gain elevated privileges on the system...

CURL-CVE-2025-5399 WebSocket endless loop

Due to a mistake in libcurl's WebSocket code, a malicious server can send a particularly crafted packet which makes libcurl get trapped in an endless busy-loop. There is no other way for the application to escape or exit this loop other than killing the thread/process. This might be used to DoS...

CVE-2025-22026 nfsd: don't ignore the return code of svc_proc_register()

In the Linux kernel, the following vulnerability has been resolved: nfsd: don't ignore the return code of svcprocregister Currently, nfsdprocstatinit ignores the return value of svcprocregister. If the procfile creation fails, then the kernel will WARN when it tries to remove the entry later. Fix...

Linux Distros Unpatched Vulnerability : CVE-2024-43904

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Add null checks for 'stream' and 'plane' before dereferencing This commit adds null checks for the 'stream' and 'plane' variables in the...

PT-2024-9326 · Microsoft · Windows Hyper-V +1

Name of the Vulnerable Software and Affected Versions: Windows Hyper-V affected versions not specified Description: The issue is related to a remote code execution problem in the Windows Hyper-V system, which is associated with the return of an incorrect status code. This can allow an attacker to...

CVE-2024-26784

Mode C: Normal CVE-2024-26784 details confirmed. Affected software: Linux kernel (ARM) scmi_perf_domain driver. Issue: NULL dereference during module removal when the device-tree entry '#power-domain-cells' is missing, causing probe to bail early but remove() to run with uninitialized state. Root...

CVE-2023-40093

In multiple files, there is a possible way that trimmed content could be included in PDF output due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

AMD SEV-SNP Security Vulnerability

AMD SEV-SNP is a secure encrypted virtualization firmware from UltraMicroelectronics AMD. A single key is used to encrypt system memory. AMD SEV-SNP has a security vulnerability that stems from a code error...

Design/Logic Flaw

In System UI, there is a possible factory reset protection bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

getActiveTickIndex implementation error

Lines of code Vulnerability details Impact The implementation of getActiveTickIndex is wrong, and the searched ticks do not meet expectations, causing funds to be incorrectly allocated to edge ticks, and there is basically no staking income. Proof of Concept // if base token is token0, ticks abov...

CVE-2021-32292

A flaw was found in the parseit function in jsonparse.c., a test app in the json-c library. The code error does not affect the library itself...

In LybraStETHVault.sol (LybraEUSDVaultBase.sol) a user could rigid redeem an amount more than their deposited collateral when the collateral ratio of the user goes below 100% even if they have been super-liquidated.

Lines of code Vulnerability details Impact If the collateral ratio of a user goes below 100%, the user would be able to redeem all of their eUSD for a collateral amount greater than their depositedAssetuser even after they have been super-liquidated. For eg, let us say we have a user X. Now, in...

SUSE CVE-2020-13846

Sylabs Singularity 3.5.0 through 3.5.3 fails to report an error in a Status Code...

Internal WPF code tried to reactive a bindingexpression that was already marked as detached

When upgrading VDA to 2203 Cu2, you may receive an error stating "Internal error: Internal WPF code tried to reactive a bindingexpression that was already marked as detached"...