56 matches found
Security update for kea
This update for kea fixes the following issues: Update to release 2.6.5. Security issues fixed: CVE-2026-3608: stack overflow error via specially crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemonsbsc1260380. Other updates and bugfixes: A null dereference is now ...
SUSE SLED15 / SLES15 Security Update : kea (SUSE-SU-2026:1378-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1378-1 advisory. Update to release 2.6.5: A large number of bracket pairs in a JSON payload directed to any endpoint would result in a...
Malicious Package
Overview strapi-plugin-nordica-cms is a malicious package. This package contains malicious code that conceals a command-and-control agent and credential harvester. A malicious actor published a coordinated campaign of thirty-six packages disguised as community Strapi CMS plugins. These packages...
Malicious Package
Overview strapi-plugin-blurhash is a malicious package. This package contains malicious code that conceals a command-and-control agent and credential harvester. A malicious actor published a coordinated campaign of thirty-six packages disguised as community Strapi CMS plugins. These packages aren...
Malicious Package
Overview strapi-plugin-debug-tools is a malicious package. This package contains malicious code that conceals a command-and-control agent and credential harvester. A malicious actor published a coordinated campaign of thirty-six packages disguised as community Strapi CMS plugins. These packages...
Malicious Package
Overview strapi-plugin-content-sync is a malicious package. This package contains malicious code that conceals a command-and-control agent and credential harvester. A malicious actor published a coordinated campaign of thirty-six packages disguised as community Strapi CMS plugins. These packages...
Malicious Package
Overview strapi-plugin-api is a malicious package. This package contains malicious code that conceals a command-and-control agent and credential harvester. A malicious actor published a coordinated campaign of thirty-six packages disguised as community Strapi CMS plugins. These packages aren't...
CVE-2026-3608
Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow error. This issue affects Kea versions 2.6.0 through 2.6.4 and 3.0.0 through 3.0.2...
Linux Distros Unpatched Vulnerability : CVE-2026-3608
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener can...
EUVD-2006-5285
Malware in sbrugna...
EUVD-2023-31246
Malicious code in bioql PyPI...
EUVD-2022-37806
Malicious code in bioql PyPI...
EUVD-2024-23299
Malicious code in bioql PyPI...
EUVD-2024-23300
Malicious code in bioql PyPI...
CVE-2022-34902
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Access 6.5.4 39316 Agent. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within t...
CVE-2024-26003
An unauthenticated remote attacker can DoS the control agent due to a out-of-bounds read which may prevent or disrupt the charging functionality...
ROS-20240812-11
The GLPI Agent universal control agent vulnerability involves modifying GLPI-Agent code or allows a DLL to be used to modify the agent's logic. Exploitation of the vulnerability could allow an attacker to privilege escalation...
CVE-2024-26004
An unauthenticated remote attacker can DoS a control agent due to access of a uninitialized pointer which may prevent or disrupt the charging functionality...
CVE-2024-26003
An unauthenticated remote attacker can DoS the control agent due to a out-of-bounds read which may prevent or disrupt the charging functionality...
Design/Logic Flaw
An unauthenticated remote attacker can DoS a control agent due to access of a uninitialized pointer which may prevent or disrupt the charging functionality...