4243 matches found
CVE-2025-58443 FOG's authentication bypass leads to full SQL DB dump
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Versions 1.5.10.1673 and below contain an authentication bypass vulnerability. It is possible for an attacker to perform an unauthenticated DB dump where they could pull a full SQL DB without credentials. A fix is...
MAL-2025-45660 Malicious code in pyminer-dev-guide (npm)
The package pyminer-dev-guide was found to contain malicious code...
Malicious code in pyminer-dev-guide (npm)
The package pyminer-dev-guide was found to contain malicious code...
webpack-dev-server users' source code may be stolen when they access a malicious web site with non-Chromium based browser
...
webpack-dev-server users' source code may be stolen when they access a malicious web site
...
webpack-dev-middleware Path Traversal vulnerability
...
MAL-2025-46922 Malicious code in spamurai-dev-kit (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6809fd87c593e76bcb0bd4a719cab9e51e2d3b617f9a172d0a8a2f68a09474e7 The OpenSSF Package Analysis project identified 'spamurai-dev-kit' @ 3.0.1 rubygems as malicious. It is considered malicious because: - The...
Linux Distros Unpatched Vulnerability : CVE-2025-38555
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - usb: gadget: fix use-after-free in composite_dev_cleanup 1. In func configfs_composite_bind -> composite_os_desc_req_prepare: if kmalloc fails, the pointer cdev->os_desc_r...
Linux Distros Unpatched Vulnerability : CVE-2023-0866
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3.0-DEV. CVE-2023-0866 Note that Nessus relies on the presence of the package as reported b...
Linux Distros Unpatched Vulnerability : CVE-2023-0818
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Off-by-one Error in GitHub repository gpac/gpac prior to v2.3.0-DEV. CVE-2023-0818 Note that Nessus relies on the presence of the package as reported by the...
Linux Distros Unpatched Vulnerability : CVE-2019-20160
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a stack-based buffer overflow in the function av1_parse_tile_group in...
Linux Distros Unpatched Vulnerability : CVE-2022-1795
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use After Free in GitHub repository gpac/gpac prior to v2.1.0-DEV. CVE-2022-1795 Note that Nessus relies on the presence of the package as reported by the vendo...
Linux Distros Unpatched Vulnerability : CVE-2022-4202
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as problematic, was found in GPAC 2.1-DEV-rev490-g68064e101-master. Affected is the function lsr_translate_coords of the fil...
Linux Distros Unpatched Vulnerability : CVE-2023-1449
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability has been found in GPAC 2.3-DEV-rev35-gbbca86917-master and classified as problematic. This vulnerability affects the function gf_av1_reset_state of...
Linux Distros Unpatched Vulnerability : CVE-2022-3222
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV. CVE-2022-3222 Note that Nessus relies on the presence of the package as reported by th...
Linux Distros Unpatched Vulnerability : CVE-2019-12779
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames under /dev/shm and /tmp without...
Linux Distros Unpatched Vulnerability : CVE-2022-2454
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.1-DEV. CVE-2022-2454 Note that Nessus relies on the presence of the package as reported...
Malicious code in oclif-dev (npm)
The package oclif-dev was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 9cf078178f5da45231528dbb9bb1883266f18b9c8cd4784a7c8542a3c3d4de7b This package installs a dependency hosted on a custom domain that runs an info...
MAL-2025-42049 Malicious code in oclif-dev (npm)
The package oclif-dev was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 9cf078178f5da45231528dbb9bb1883266f18b9c8cd4784a7c8542a3c3d4de7b This package installs a dependency hosted on a custom domain that runs an info...
OESA-2025-2081 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: blk-mq: don't touch ->tagset in blk_mq_get_sq_hctx blk_mq_run_hw_queues could be run when there isn't queued request and after queue is cleaned up, at that time tagset is...