MAL-2025-192673 Malicious code in xmlwtf3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdc397291400d5d396c50c42966b6c482fb92a577a17ad2440c2ab4c7f0619e6 The package xmlwtf3 was found to contain malicious code. Source: ghsa-malware f1aef41363b46dac1d30ba3bd916904df95fce8278f6b3abed14f7b48002d2c8 Any...

MAL-2025-192657 Malicious code in yt-smm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3641ecf42237a55c9fb81c4368aa7b83a42d2110a64a733f45d27005cf38dc26 The package yt-smm was found to contain malicious code. Source: ghsa-malware b4d96978cd4e109ed8b360f551af24fd1621dd659f63a490c9de077b587f607b Any...

Malicious code in yt-smm (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3641ecf42237a55c9fb81c4368aa7b83a42d2110a64a733f45d27005cf38dc26 The package yt-smm was found to contain malicious code. Source: ghsa-malware b4d96978cd4e109ed8b360f551af24fd1621dd659f63a490c9de077b587f607b Any...

Malicious code in qwqwqw (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f4e634690c8bd1d21672a93e09ed423088fe0e7a238b86a40cda9bae547e678e The package qwqwqw was found to contain malicious code. Source: ghsa-malware 200ea085dc96770417e900e08812693529cd6fde1e7ea45a28c8a332382049f1 Any...

Malicious code in viktorparserctf8 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e3e1243238b2a1eade50d8bcfebe117fd9f3090271497fce1f9d1e2798abeaa4 The package viktorparserctf8 was found to contain malicious code. Source: ghsa-malware 610271459dc452bb1384a92a84e0e37bd11f3d688166faa2ee174e81fdaf8a...

MAL-2025-192650 Malicious code in viktorparserctf4 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00678c1855d2692f49a5643aecec33c4181e61a390c1852ee6b7200f0c2f3ca1 The package viktorparserctf4 was found to contain malicious code. Source: ghsa-malware 0961c05d572349a1c68d499506c8317678a9f123ebbeaf7540186a8cbf6f87...

Malicious code in test-mal-npm-pkg (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 60f6f3e205b514fc5d9c6e98be4d3b0bf7049c38a0ff62e678584aaff50fc643 The package test-mal-npm-pkg was found to contain malicious code. Source: ghsa-malware d97b7f5012899a502ba9d154bc5f146717e56795f702823294ea3636b433c7...

Malicious code in chai-nerd (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector debbd45ba7868f5eca573b8e1aa2ce52439e75cc632f1149ce670f8e3f17abbc The package chai-nerd was found to contain malicious code. Source: ghsa-malware c5a2651b8c60bc1c29940656635411bf52439baa544a902ebf25b1d8c95c276a Any...

Malicious code in ctfxmlflgcheck (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 96c9132a189fafbc7ceddc628c9c59a2b9a82a6225d714f90b167e9ead0d2df5 The package ctfxmlflgcheck was found to contain malicious code. Source: ghsa-malware f63a449906d3cc26b3649aef217acb2fa01373b30b1dfe3f7f3923b6811d785a...

MAL-2025-192629 Malicious code in flagstealerfinal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64b9cc9bb0bafe61901221efe8e6c9359eef4061151cc1a35544721addc6b8f2 The package flagstealerfinal was found to contain malicious code. Source: ghsa-malware eecc837f74a9e474ce6f056e83fc505b9f1126d18a96a5eb879def906682fd...

Malicious code in flagstealerfinal (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 64b9cc9bb0bafe61901221efe8e6c9359eef4061151cc1a35544721addc6b8f2 The package flagstealerfinal was found to contain malicious code. Source: ghsa-malware eecc837f74a9e474ce6f056e83fc505b9f1126d18a96a5eb879def906682fd...

CVAT.ai CVAT 安全漏洞

CVAT.ai CVAT is an open source data processing tool from CVAT.ai. A security vulnerability exists in CVAT.ai CVAT versions 2.8.1 through 2.52.0 that originates from an attacker being able to retrieve the contents of any file system directory accessible by the CVAT server, potentially leading to a...

CVE-2025-67789

An issue was discovered in DriveLock 24.1 before 24.1.6, 24.2 before 24.2.7, and 25.1 before 25.1.5. Authenticated users can retrieve the computer count of other DriveLock tenants via the DriveLock API...

SUSE CVE-2025-68316

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix invalid probe error return value After DME Link Startup, the error return value is set to the MIPI UniPro GenericErrorCode which can be 0 SUCCESS or 1 FAILURE. Upon failure during driver probe, the error code...

CVE-2025-67789

An issue was discovered in DriveLock 24.1 before 24.1.6, 24.2 before 24.2.7, and 25.1 before 25.1.5. Authenticated users can retrieve the computer count of other DriveLock tenants via the DriveLock API...

EUVD-2025-203953

An issue was discovered in DriveLock 24.1 before 24.1.6, 24.2 before 24.2.7, and 25.1 before 25.1.5. Authenticated users can retrieve the computer count of other DriveLock tenants via the DriveLock API...

CVE-2025-67789

An issue was discovered in DriveLock 24.1 before 24.1.6, 24.2 before 24.2.7, and 25.1 before 25.1.5. Authenticated users can retrieve the computer count of other DriveLock tenants via the DriveLock API...

PT-2025-51898

Name of the Vulnerable Software and Affected Versions DriveLock versions 24.1 through 24.1.5 DriveLock versions 24.2 through 24.2.6 DriveLock versions 25.1 through 25.1.4 Description An issue exists where authenticated users can obtain the computer count for other DriveLock tenants through the...

DriveLock 安全漏洞

DriveLock is an endpoint security and data protection platform from DriveLock Germany. A security vulnerability exists in DriveLock versions prior to 24.1.6, 24.2.7, and 25.1.5, which stems from an authenticated user being able to retrieve the number of computers of other tenants via the DriveLoc...

EUVD-2025-203672

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a regression triggered by scsihostbusy Commit 995412e23bb2 "blk-mq: Replace tags-lock with SRCU for tag iterators" introduced the following regression: Call trace: srcureadlock+0x30/0x80 P...