EUVD-2024-47660

Malicious code in bioql PyPI...

CVE-2025-48965

Mbed TLS before 3.6.4 has a NULL pointer dereference because mbedtlsasn1storenameddata can trigger conflicting data with val.p of NULL but val.len greater than zero...

CVE-2025-48965

The CVE-2025-48965 issue affects Mbed TLS prior to 3.6.4, where the handling of val.p/val.len in mbedtls_asn1_store_named_data can lead to a NULL pointer dereference when val.len > 0. Public documents confirm the vulnerability in mbedtls and indicate fixes/patches in multiple advisories. Debia...

The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from an uncontrolled element in the search process, allowing attackers to download the NPM package with conflicting data.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to an uncontrollable element in the search process. Exploiting this vulnerability allows a malicious actor to download the NPM package containing conflicting data...

PT-2024-5344 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 11.8 through 16.11.6 GitLab CE/EE versions 17.0 through 17.0.4 GitLab CE/EE versions 17.1 through 17.1.2 Description: An issue was discovered where it was possible to upload an NPM package with conflicting package data...