MAL-2025-47493 Malicious code in react-fs-cofnig (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7593b42f32f81d9208bb076f6c58f08dba424e33537c10569716c1561838c360 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-47488 Malicious code in next-plugin-uni-i18n (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware cf38f21fbce8422c8375fdbc547879dab7eea1a9773a78740cee14d4919f95ca Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in luma-glow-db (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 80813446edf951ac165d71e8e56c30d45881e40776615d07d104e3e40ef1f5ad Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in chartable-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b387b9a592b8ed553ec2f990ed3f9cf329be2772c324ac75bd78e6ba9acecfcc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-47474 Malicious code in chartable-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b387b9a592b8ed553ec2f990ed3f9cf329be2772c324ac75bd78e6ba9acecfcc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in dowload_ebok_grundkurs_kunstliche_intelligenz_by_wolfgang_ertel_r9sfy (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 94e9bffeeffbe35f94a97022a4515f12e36980b5cdb2152202cbe06899ed409a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in filigrean-icon (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5b36c0d6ed8ec6a40757f980d71fc37fd950148adc4bec988b34f6a4bcc83136 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Reproducing a Security Risk Assessment Using Computer Aided Design

Security risk assessment is essential in establishing the trustworthiness and reliability of modern systems. While various security risk assessment approaches exist, prevalent applications are "pen and paper" implementations that -- even if performed digitally using computers -- remain prone to...

MAL-2025-47467 Malicious code in internallib_v52 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f4d4bce17702fd04e9d38d97007a2bc8b4028c77159bcd19e1565f71d7f4ada4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in internallib_v915 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3514c2a5f4c17fc8f3a153f8c5601c0308a3dded83b19b0b6a387943c2425178 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2025-10468 Path Traversal in Beyaz Computer's CityPLus

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Beyaz Computer CityPlus allows Path Traversal. This issue affects CityPlus: before 24.29375...

CVE-2025-10468

CVE-2025-10468 describes a path traversal vulnerability in Beyaz Computer CityPlus. The root cause is an improper limitation of a pathname to a restricted directory, allowing traversal attacks. Affected versions are CityPlus before 24.29375. The CVSS 3.1 score is 7.5 (HIGH) with network attack ve...

CVE-2025-10468 Path Traversal in Beyaz Computer's CityPLus

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Beyaz Computer CityPlus allows Path Traversal. This issue affects CityPlus: before 24.29375...

CVE-2025-10468

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Beyaz Computer CityPlus allows Path Traversal. This issue affects CityPlus: before 24.29375...

Malicious code in validator-utils-pro (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 1fe16686eac8cc9669d7b7cb7b2fb58b8ee27416f8281bf10cabe5710fff4618 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Beyaz Computer CityPlus 路径遍历漏洞

Beyaz Computer CityPlus is an electronic document management platform from Beyaz Computer in Turkey. A path traversal vulnerability exists in Beyaz Computer CityPlus versions prior to 24.29375, which stems from an improperly restricted pathname and could lead to a path traversal attack...

Ashlar-Vellum Cobalt Memory Corruption Vulnerability

Ashlar-Vellum Cobalt is a 3D modeling software developed by Ashlar Vellum, which supports Windows and Mac systems, and is mainly used for 3D modeling and CAD drawing in industrial product design, architectural design and other fields. A memory corruption vulnerability exists in Ashlar-Vellum Coba...

CVE-2023-53431

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Handle enclosure with just a primary component gracefully This reverts commit 3fe97ff3d949 "scsi: ses: Don't attach if enclosure has no components" and introduces proper handling of case where there are no detected...

CVE-2022-50414 scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails

In the Linux kernel, the following vulnerability has been resolved: scsi: fcoe: Fix transport not deattached when fcoeifinit fails fcoeinit calls fcoetransportattach&fcoeswtransport, but when fcoeifinit fails, &fcoeswtransport is not detached and leaves freed &fcoeswtransport on fcoetransports...

CVE-2023-53387

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix device management cmd timeout flow In the UFS error handling flow, the host will send a device management cmd NOP OUT to the device for link recovery. If this cmd times out and clearing the doorbell fails,...