EUVD-2025-139343

Malicious code in nurai-sutaf-daa npm...

Malicious code in nurai-sutaf-daa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c3636e7e220de4258cc7b31562a32b2e21428c5327aee19fc1f62e79f06019c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-176913 Malicious code in nurai-sutaf-daa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2c3636e7e220de4258cc7b31562a32b2e21428c5327aee19fc1f62e79f06019c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2008-3857

Malware in sbrugna...

CVE-2024-49874 i3c: master: svc: Fix use after free vulnerability in svc_i3c_master Driver Due to Race Condition

In the Linux kernel, the following vulnerability has been resolved: i3c: master: svc: Fix use after free vulnerability in svci3cmaster Driver Due to Race Condition In the svci3cmasterprobe function, &master-hjwork is bound with svci3cmasterhjwork, &master-ibiwork is bound with svci3cmasteribiwork...

U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks

The U.S. Treasury Department's Office of Foreign Assets Control OFAC on Monday sanctioned two firms and four individuals for their involvement in malicious cyber activities on behalf of the Iranian Islamic Revolutionary Guard Corps Cyber Electronic Command IRGC-CEC from at least 2016 to April 202...

CVE-2019-8992

The administrative server component of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO ActiveMatrix BPM Distribution for TIBCO Silver Fabric, TIBCO ActiveMatrix Policy Director, TIBCO ActiveMatrix Service Bus, TIBCO ActiveMatrix Service Grid, TIBCO ActiveMatrix Service Grid Distribution for...

UltraISO文件解析多个安全漏洞

BUGTRAQ ID: 34325 CVECAN ID: CVE-2008-4825,CVE-2008-3871 UltraISO软碟通是一款功能强大而又方便实用的软碟文件制作/编辑/转换工具。 UltraISO在处理DAA和ISZ文件名时存在格式串漏洞，如果用户受骗打开了名称中包含有格式串标识符的特制文件的话，就可能导致执行任意代码。 如果用户受骗使用UltraISO打开了畸形的CIF、C2D或GI文件的话，就可能触发多个缓冲区溢出，导致执行任意代码。 EZB Systems UltraISO 9.3.1.2633 EZB Systems -----------...

Format string

Multiple format string vulnerabilities in UltraISO 9.3.1.2633, and possibly other versions before 9.3.3.2685, allow user-assisted attackers to execute arbitrary code via format string specifiers in the filename of a 1 DAA or 2 ISZ file...

CVE-2008-3871

Multiple format string vulnerabilities in UltraISO 9.3.1.2633, and possibly other versions before 9.3.3.2685, allow user-assisted attackers to execute arbitrary code via format string specifiers in the filename of a 1 DAA or 2 ISZ file...

CVE-2008-3871

UltraISO 9.3.1.2633 (and possibly earlier versions) contains format string vulnerabilities in DAA/ISZ file name handling that can allow user‑assisted arbitrary code execution. Vendor reportedly fixed the issue in version 9.3.3.2685; multiple advisories and CVE entries confirm the flaw. No exploit...

Secunia Research: UltraISO Image Name Parsing Format String Vulnerabilities

====================================================================== Secunia Research 01/04/2009 - UltraISO Image Name Parsing Format String Vulnerabilities - ====================================================================== Table of Contents Affected...