Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Move the cfglogverbose check before calling lpfcdmpdbg In an attempt to log message 0126 using LOGTRACEEVENT, the following hard lockup occurred, causing the system to hang. Call Trace: rawspinlockirqsave+0x32/0x40...

apache-airflow-providers-edge3 (>=1.1.0 <=1.1.1rc1), dmp-af (>=0.15.0 <=0.16.0) +1 more potentially affected by CVE-2026-46745 via apache-airflow-providers-fab (=3.6.4)

apache-airflow-providers-fab PYPI version =3.6.4 is affected by a known vulnerability. The following packages have a transitive dependency on apache-airflow-providers-fab and may be impacted: - apache-airflow-providers-edge3 =1.1.0, =0.15.0, =1.11.0.0, =1.13.0.0rc1 Source cves: CVE-2026-46745...

EUVD-2018-19152

Malware in sbrugna...

EUVD-2017-6651

Malware in sbrugna...

EUVD-2021-31696

Malicious code in bioql PyPI...

Malicious code in dmp-web (npm)

The package dmp-web was found to contain malicious code...

MAL-2025-18540 Malicious code in dmp-web (npm)

The package dmp-web was found to contain malicious code...

New "GoFetch" Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys

A new security shortcoming discovered in Apple M-series chips could be exploited to extract secret keys used during cryptographic operations. Dubbed GoFetch, the vulnerability relates to a microarchitectural side-channel attack that takes advantage of a feature known as data memory-dependent...

Malicious code in dmp-suite (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 519dd07a618b2ba0671d86ef8fa2155f33aeaacdeed9a41d7f2e5257fb737aac The OpenSSF Package Analysis project identified 'dmp-suite' @ 11.11.3 pypi as malicious. It is considered malicious because: - The package...

MAL-2023-1363 Malicious code in dmp-suite (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 519dd07a618b2ba0671d86ef8fa2155f33aeaacdeed9a41d7f2e5257fb737aac The OpenSSF Package Analysis project identified 'dmp-suite' @ 11.11.3 pypi as malicious. It is considered malicious because: - The package...

SUSE CVE-2013-2483

The acnadddmpdata function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service divide-by-zero error and application crash via an invalid count value in ACNDMPADTDRE DMP data...

SUSE CVE-2017-15191

In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length...

SUSE CVE-2018-7421

In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dmp.c by correctly supporting a bounded number of Security Categories for a DMP Security Classification...

dmp-bayern.de Cross Site Scripting vulnerability OBB-2689482

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Dmp Roadmap Cross-Site Scripting Vulnerability

Dmp Roadmap is a data management planning tool. a cross-site scripting vulnerability exists in Dmp Roadmap, which stems from the DMP roadmap prior to 3.0.4 and allows XSS. an attacker could exploit this vulnerability to execute client-side code...

CVE-2021-44896

DMP Roadmap before 3.0.4 allows XSS...

CVE-2021-44896

DMP Roadmap before 3.0.4 allows XSS...

Cross site scripting

DMP Roadmap before 3.0.4 allows XSS...

CVE-2021-44896

DMP Roadmap before 3.0.4 allows XSS...

CVE-2021-44896

DMP Roadmap vulnerability CVE-2021-44896 concerns XSS in DMP Roadmap prior to version 3.0.4. The affected software is DMP Roadmap (data management planning tool). The root cause is an XSS flaw present before 3.0.4, with no explicit exploitation details in the provided documents. Impact is describ...