61 matches found
[SECURITY] Fedora 44 Update: openssh-10.2p1-8.fc44
SSH (Secure SHell) is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
[SECURITY] Fedora 42 Update: openssh-9.9p1-13.fc42
SSH (Secure SHell) is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
CVE-2025-61639
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/logging/ManualLogEntry.Php, includes/recentchanges/RecentChangeFactory.Php, includes/recentchanges/RecentChangeStore.Php. This...
Embedded Malicious Code
Overview: dydx-v4-client is a malicious package. Versions of this package were compromised with malicious scripts in core registry files. Remediation: Avoid using all malicious instances of the dydx-v4-client package. Credit: Kush Pandya...
MAL-2025-159753 Malicious code in mansida-nomfmadi-munaigu (npm)
Source: amazon-inspector c5c983d2452db5136bffdeb8a4a579420b46947fb11b017d2efdce51d5a3dbd2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in surrounding_jellyfish_z3n (npm)
Source: amazon-inspector 304d911242154830d0098e3edd0fe64110b45e4490bae1cd85590525c704c39d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2020-27089
Malware in sbrugna...
EUVD-2019-7879
Malware in sbrugna...
EUVD-2019-3155
Malware in sbrugna...
EUVD-2003-0867
Malware in sbrugna...
EUVD-2017-15234
Malware in sbrugna...
EUVD-2021-2889
Malicious code in bioql PyPI...
CVE-2019-17130
vBulletin through 5.5.4 mishandles external URLs within the /core/vb/vurl.php file and the /core/vb/vurl directories...
python-django: Potential directory-traversal in django.core.files.storage.Storage.save()
A vulnerability was found in Python-Django in the Derived classes of the django.core.files.storage.Storage base class that overrides the generate_filename() without replicating the file path validations existing in the parent class. This flaw allows potential directory traversal via certain inputs...
[SECURITY] Fedora 38 Update: openssh-9.0p1-19.fc38
SSH (Secure SHell) is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
CVE-2024-23848
In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c...
SUSE CVE-2011-4190
The kdump implementation is missing the host key verification in the kdump and mkdumprd OpenSSH integration of kdump prior to version 2012-01-20. This is similar to CVE-2011-3588, but different in that the kdump implementation is specific to SUSE. A remote malicious kdump server could use this fl...
SUSE CVE-2019-7150
An issue was discovered in elfutils 0.175. A segmentation fault can occur in the function elf64_xlatetom in libelf/elf32_xlatetom.c, due to dwfl_segment_report_module not checking whether the dyn data read from a core file is truncated. A crafted input can cause a program crash, leading to...
OpenBMCS 2.4 - Information Disclosure
Exploit Title: OpenBMCS 2.4 - Information Disclosure Exploit Author: LiquidWorm Date: 26/10/2021 OpenBMCS 2.4 Secrets Disclosure Vendor: OPEN BMCS Product web page: https://www.openbmcs.com Affected version: 2.4 Summary: Building Management & Controls System BMCS. No matter what the size of your...
USN-5122-2: Apport vulnerability
USN-5122-1 fixed a vulnerability in Apport. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that Apport could be tricked into writing core files as root into arbitrary directories in certain scenarios. A local...