Linux Distros Unpatched Vulnerability : CVE-2021-40978

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mkdocs 1.2.2 built-in dev-server allows directory traversal using the port 8000, enabling remote exploitation to obtain :sensitive information. NOTE: the...

The vulnerability of the /api/dev-console/proxy/internet file on the Red Hat OpenShift Container Platform corporate platform allows a attacker to perform an SSRF attack.

The vulnerability of the /api/dev-console/proxy/internet file on the Red Hat OpenShift Container Platform corporate platform is related to insufficient validation of requests at the server side. Exploiting this vulnerability could allow a malicious actor to execute an SSRF attack remotely...

Linux Distros Unpatched Vulnerability : CVE-2022-43045

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gfdumpvrmlsffield at /scenemanager/scenedump.c...

MAL-2025-2132 Malicious code in upbit-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ab0bc431ed17927a77a584a2314cd38d812d215c32611c53c673137340dbcf5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2094 Malicious code in bitget-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c98dc8a8cb993a1e93d89d0909e8243bfd607c7a635f098ee3b3c103101cbcbe Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in upbit-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5ab0bc431ed17927a77a584a2314cd38d812d215c32611c53c673137340dbcf5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in latoken-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 63cdcfe3b15d2c174d58b54998cf056643085f18de21eda41bd23e4cc3bed7a7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2143 Malicious code in whitebit-dev (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b30295d1f08a2d3f1e6d3b2fe1ac51157020a84c2ff55356ef468d7b2db7e4ff Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-1789 Malicious code in editions-dev-2k-variants (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in editions-dev-2k-variants (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in ciaoaibot-dev (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-1755 Malicious code in ciaoaibot-dev (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-1747 Malicious code in bybit-dev (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-1696 Malicious code in @optimystic99/dev-utils (npm)

--- -= Per source details. Do not edit below this line.=-...

SUSE CVE-2025-21810

In the Linux kernel, the following vulnerability has been resolved: driver core: class: Fix wild pointer dereferences in API classdeviternext There are a potential wild pointer dereferences issue regarding APIs classdeviterinit|next|exit, as explained by below typical usage: // All members of @it...

Debian dla-4074 : libmariadb-dev - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4074 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4074-1 [email protected] https://www.debian.org/lts/security/...

SUSE CVE-2025-21760

In the Linux kernel, the following vulnerability has been resolved: ndisc: extend RCU protection in ndiscsendskb ndiscsendskb can be called without RTNL or RCU held. Acquire rcureadlock earlier, so that we can use devnetrcu and avoid a potential UAF...

SUSE CVE-2025-21761

In the Linux kernel, the following vulnerability has been resolved: openvswitch: use RCU protection in ovsvportcmdfillinfo ovsvportcmdfillinfo can be called without RTNL or RCU. Use RCU protection and devnetrcu to avoid potential UAF...

SUSE CVE-2025-21772

In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several issues in partition probing: - The bailout for a bad partoffset must use putdevsector, since the preceding readpartsector succeeded. - If the partition table clai...

SUSE CVE-2025-21783

In the Linux kernel, the following vulnerability has been resolved: gpiolib: Fix crash on error in gpiochipgetngpios The gpiochipgetngpios uses chip macros to print messages. However these macros rely on gpiodev to be initialised and set, which is not the case when called via bgpioinit. In such a...