CVE-2023-53578

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix an uninit variable access bug in qrtrtxresume Syzbot reported a bug as following: ===================================================== BUG: KMSAN: uninit-value in qrtrtxresume+0x185/0x1f0 net/qrtr/afqrtr.c:230...

EUVD-2024-51806

Malicious code in bioql PyPI...

EUVD-2023-44885

Malicious code in bioql PyPI...

EUVD-2024-53280

Malicious code in bioql PyPI...

DEBIAN-CVE-2023-53349

In the Linux kernel, the following vulnerability has been resolved: media: ov2740: Fix memleak in ov2740initcontrols There is a kmemleak when testing the media/i2c/ov2740.c with bpf mock device: unreferenced object 0xffff8881090e19e0 size 16: comm "51-i2c-ov2740", pid 278, jiffies 4294781584 age...

UBUNTU-CVE-2023-53349

In the Linux kernel, the following vulnerability has been resolved: media: ov2740: Fix memleak in ov2740initcontrols There is a kmemleak when testing the media/i2c/ov2740.c with bpf mock device: unreferenced object 0xffff8881090e19e0 size 16: comm "51-i2c-ov2740", pid 278, jiffies 4294781584 age...

CVE-2023-53349 media: ov2740: Fix memleak in ov2740_init_controls()

In the Linux kernel, the following vulnerability has been resolved: media: ov2740: Fix memleak in ov2740initcontrols There is a kmemleak when testing the media/i2c/ov2740.c with bpf mock device: unreferenced object 0xffff8881090e19e0 size 16: comm "51-i2c-ov2740", pid 278, jiffies 4294781584 age...

iss-ctrl (>=0.0.3 <=0.0.7) potentially affected by unknown CVE via @basic-ui-components-stc/basic-ui-components (=1.0.4)

@basic-ui-components-stc/basic-ui-components NPM version =1.0.4 is affected by a known vulnerability. The following packages have a transitive dependency on @basic-ui-components-stc/basic-ui-components and may be impacted: - iss-ctrl =0.0.3, =0.0.7 Source cves: unknown CVE Source advisory:...

PT-2025-38199

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A kernel memory leak kmemleak exists in the ov2740 init controls function within the media/i2c/ov2740.c file. This leak occurs when testing with a bpf mock device, specifically due to...

UBUNTU-CVE-2023-53300

In the Linux kernel, the following vulnerability has been resolved: media: hi846: Fix memleak in hi846initcontrols hi846initcontrols doesn't clean the allocated ctrlhdlr in case there is a failure, which causes memleak. Add v4l2ctrlhandlerfree to free the resource properly...

CVE-2023-53300

The CVE-2023-53300 issue is in the Linux kernel media hi846 driver: hi846_init_controls allocated a ctrl_hdlr but failed to free it on error, causing a memory leak. The fix adds v4l2_ctrl_handler_free to properly release the allocated resources when initialization fails. Affected area: kernel med...

Malicious code in @ctrl/deluge (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d92c8c0ce4fcd72693ec79d2f5d112099c3e5d23e214a06327498cfa5b655fc4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @ctrl/react-adsense (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dc78e701d6941c16bc77a99580c74125deb3045bfb62ccee9917be54177617e8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-47141 Malicious code in @ctrl/tinycolor (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 21271c2ac161a78b2e79e14edbfba306dd2aa53c17aae63f3b009ba9288e1ddb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Embedded Malicious Code

Overview @ctrl/ngx-csv is a package to easily generate a CSV download in the browser with Angular Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts,...

Embedded Malicious Code

Overview @ctrl/ngx-codemirror is a Codemirror Wrapper for Angular Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API...

Embedded Malicious Code

Overview @ctrl/magnet-link is a package that parses a magnet URI into an object Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credential...

CVE-2025-38705

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix null pointer access Writing a string without delimiters ' ', '\n', '\0' to the under gpuod/fanctrl sysfs or pppowerprofilemode for the CUSTOM profile will result in a null pointer dereference...

Malicious code in q-ctrl (npm)

The package q-ctrl was found to contain malicious code...

MAL-2025-30980 Malicious code in q-ctrl (npm)

The package q-ctrl was found to contain malicious code...