5 matches found
MAL-2026-5798 Malicious code in @resolvx/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4639df1cd39850efb8106cbc5ecf3648f386c0cc5cff6c457d90f6a4d569cef0 On npm install, scripts/postinstall.js connects to a hardcoded attacker IP http://213.218.160.189:8080, fallback:80, sends a base64-encoded host...
Keycloak 数据伪造问题漏洞
Keycloak is an open-source identity and access management solution developed by Keycloak itself. Keycloak has a data falsification vulnerability. This vulnerability arises when submitting JSON Web encrypted request objects, and if the decrypted content is the original JSON, Keycloak may improperl...
CVE-2026-31472
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: validate inner IPv4 header length in IPTFS payload Add validation of the inner IPv4 packet totlen and ihl fields parsed from decrypted IPTFS payloads in inputprocesspayload. A crafted ESP packet containing an inner...
CVE-2026-31472 xfrm: iptfs: validate inner IPv4 header length in IPTFS payload
In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: validate inner IPv4 header length in IPTFS payload Add validation of the inner IPv4 packet totlen and ihl fields parsed from decrypted IPTFS payloads in inputprocesspayload. A crafted ESP packet containing an inner...
Minas – on the way to complexity
Sometimes when investigating an infection and focusing on a targeted attack, we come across something we were not expecting. The case described below is one such occurrence. In June 2022, we found a suspicious shellcode running in the memory of a system process. We decided to dig deeper and...