115 matches found
PT-2025-38270
Name of the Vulnerable Software and Affected Versions: jinjava versions prior to 2.8.1 Description: jinjava is a Java-based template engine. A sandbox escape flaw exists due to unrestricted interaction with the properties of JinjavaInterpreter instances, specifically through the ObjectMapper. By...
Linux Distros Unpatched Vulnerability : CVE-2016-1000006
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hhvm before 3.12.11 has a use-after-free in the serializememoizeparam and ResourceBundle::construct functions. CVE-2016-1000006 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2023-30410
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jerryscript commit 1a2c047 was discovered to contain a stack overflow via the component ecmaopfunctionconstruct at /operations/ecma-function-object.c...
Malicious code in lambda-pipeline-construct (npm)
The package lambda-pipeline-construct was found to contain malicious code...
MAL-2025-24940 Malicious code in lambda-pipeline-construct (npm)
The package lambda-pipeline-construct was found to contain malicious code...
IBM DB2 for Linux Denial of Service Vulnerability
IBM Db2 for Linux is a relational database management system developed by IBM and designed for the Linux operating system to provide high-performance, highly reliable data storage and management services. A denial of service vulnerability exists in IBM DB2 for Linux, which can be exploited by an...
CVE-2024-36624
Zulip 8.3 is vulnerable to Cross Site Scripting (XSS) via the constructcopydiv function in copyandpaste.js...
CVE-2023-30410
Jerryscript commit 1a2c047 was discovered to contain a stack overflow via the component ecmaopfunctionconstruct at /operations/ecma-function-object.c...
Malicious code in cdk-construct-library-v2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7030a0b9d7d1eed660c8a53ad26a551201ff0ee4a7ee399b284e9c0b4a61214f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-3093 Malicious code in cdk-construct-library-v2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7030a0b9d7d1eed660c8a53ad26a551201ff0ee4a7ee399b284e9c0b4a61214f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Google Android Security Vulnerability
Google Android is a Linux-based open source operating system developed by Google Inc. in the United States. Google Android suffers from a security vulnerability that originates from a heap buffer overflow in the constructtransactionfromcmd function of the lwisioctl.c file, which may have...
MAL-2024-11170 Malicious code in qt-construct (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b4e83ab35f49c26dc7986fc0d8853ff836b168fef5f28c1fd662cf8afb400fc4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in qt-construct (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b4e83ab35f49c26dc7986fc0d8853ff836b168fef5f28c1fd662cf8afb400fc4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-45037
The AWS Cloud Development Kit (CDK) is an open-source framework for defining cloud infrastructure using code. Customers use it to create their own applications which are converted to AWS CloudFormation templates during deployment to a customer’s AWS account. CDK contains pre-built components called...
UBUNTU-CVE-2023-52773
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix a NULL pointer dereference in amdgpudmi2cxfer When ddcserviceconstruct is called, it explicitly checks both the link type and whether there is something on the link which will dictate whether the pin is marke...
WordPress Plugin WP Compress Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...
PT-2024-21159 · Unknown +1 · Prestashop +1
Name of the Vulnerable Software and Affected Versions: PrestaShop versions prior to 6.5.0 Description: The issue allows attackers to escalate privileges and obtain sensitive information via Send:: construct and importProducts:: addDataToDb methods. This is a SQL Injection vulnerability in...
SUSE CVE-2021-47042
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Free local data after use Fixes the following memory leak in dclinkconstruct: unreferenced object 0xffffa03e81471400 size 1024: comm "amdmoduleload", pid 2486, jiffies 4294946026 age 10.544s hex dump first 32...
CVE-2021-47042
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Free local data after use Fixes the following memory leak in dclinkconstruct: unreferenced object 0xffffa03e81471400 size 1024: comm "amdmoduleload", pid 2486, jiffies 4294946026 age 10.544s hex dump first 32...
UBUNTU-CVE-2021-47042
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Free local data after use Fixes the following memory leak in dclinkconstruct: unreferenced object 0xffffa03e81471400 size 1024: comm "amdmoduleload", pid 2486, jiffies 4294946026 age 10.544s hex dump first 32...