681 matches found
EUVD-2025-201290
Taiko Alethia is an Ethereum-equivalent, permissionless, based rollup designed to scale Ethereum without compromising its fundamental properties. In 2.3.1 and earlier, TaikoInbox.verifyBatches packages/protocol/contracts/layer1/based/TaikoInbox.sol:627-678 advanced the local tid to whatever...
MAL-2025-125575 Malicious code in compatible_goldfish_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1b2b6d9b7008b15357dad44c51f9c5e096c3c2ef792155208ac5adadd6299657 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-64888
Malicious code in compatibledeerz3n npm...
EUVD-2025-64887
Malicious code in compatibleearwigz3n npm...
Malicious code in compatible_earwig_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 65ee92b05240de0b1a2e92a9044e53b9fcabb324d062e43b72650593c2ef0dae This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-64889
Malicious code in compatibleclownfishz3n npm...
MAL-2025-77386 Malicious code in compatible_ladybug_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 79f72061c924b3d39d43261ede3fb42b5d8938a8292a664e2b8d042670d508a4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-55294
Malicious code in compatible-coffee-hamster npm...
Malicious code in compatible-aqua-heron (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 62ddff50ac37b1d4ca212d4388c8e24af0fc8cb7b3f0044ca24975dbafc47461 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-67356 Malicious code in compatible-maroon-toucan (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 14e165886c7ff4c70437946d2f018c954a40129e1a9d37aba5affea4686410f9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-55293
Malicious code in compatible-maroon-toucan npm...
MAL-2025-67354 Malicious code in compatible-black-deer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8e96d76f6bd8468ad626a9d45bd119f2ae7af20d410a0f7e017332f2e2110b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in compatible-black-deer (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8e96d76f6bd8468ad626a9d45bd119f2ae7af20d410a0f7e017332f2e2110b4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-55295
Malicious code in compatible-black-deer npm...
EUVD-2025-55296
Malicious code in compatible-aqua-heron npm...
EUVD-2025-60265
Malicious code in compatiblecobraz3n npm...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989273)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989273 advisory. In the Linux kernel, the following vulnerability has been resolved: dpaa2-ptp: Fix refcount leak in dpaa2ptpprobe This node pointer is returned by offindcompatibleno...
[SECURITY] Fedora 42 Update: pcre2-10.46-1.fc42
PCRE2 is a re-working of the original PCRE Perl-compatible regular expression library to provide an entirely new API. PCRE2 is written in C, and it has its own API. There are three sets of functions, one for the 8-bit library, which processes strings of bytes, one for the 16-bit library, which...
GHSA-6FVQ-23CW-5628 vLLM: Resource-Exhaustion (DoS) through Malicious Jinja Template in OpenAI-Compatible Server
Summary A resource-exhaustion denial-of-service vulnerability exists in multiple endpoints of the OpenAI-Compatible Server due to the ability to specify Jinja templates via the chattemplate and chattemplatekwargs parameters. If an attacker can supply these parameters to the API, they can cause a...
CVE-2022-50539 ARM: OMAP2+: omap4-common: Fix refcount leak bug
In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: omap4-common: Fix refcount leak bug In omap4sraminit, offindcompatiblenode will return a node pointer with refcount incremented. We should use ofnodeput when it is not used anymore...