Malicious code in alya-baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 473103f2220a0215abf49be7e46ec1748052935ce188e0eee6ded08af7b47cf1 alya-baileys is a fork of the Baileys WhatsApp library that adds a hidden, remotely-controlled action channel against the installer's authenticated...

Astra Linux - уязвимость в qemu

A flaw was discovered in the QEMU virtual crypto device during handling of data encryption/decryption requests in virtiocryptohandlesymreq. There is no check for the values of srclen and dstlen in virtiocryptosymophelper, which may lead to a heap buffer overflow if these values differ...

CVE-2025-65409

A flaw was found in Recutils. Attackers can exploit a divide-by-zero vulnerability in the encryption and decryption routines by providing an empty password. This can lead to a Denial of Service DoS, making the application unavailable to legitimate users...

CVE-2025-65409

A divide-by-zero in the encryption/decryption routines of GNU Recutils v1.9 allows attackers to cause a Denial of Service DoS via inputting an empty value as a password...

CVE-2025-65409

A divide-by-zero in the encryption/decryption routines of GNU Recutils v1.9 allows attackers to cause a Denial of Service DoS via inputting an empty value as a password...

CVE-2025-65409

A divide-by-zero in the encryption/decryption routines of GNU Recutils v1.9 allows attackers to cause a Denial of Service DoS via inputting an empty value as a password...

GNU Recutils 安全漏洞

GNU Recutils is a tool and library for accessing the recfiles plain text database from the US GNU community. A security vulnerability exists in GNU Recutils that stems from a divide-by-zero error in the encryption/decryption routines, which could lead to a denial-of-service attack...

CVE-2025-65409

A divide-by-zero in the encryption/decryption routines of GNU Recutils v1.9 allows attackers to cause a Denial of Service DoS via inputting an empty value as a password...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that encdechypercall accepts page counts instead of sizes, which could result in page mislabeling...

CVE-2025-27070

CVE-2025-27070 is listed under Qualcomm closed-source components as a High-severity issue involving memory corruption during encryption and decryption commands. The available documents identify the vulnerability and its association with Qualcomm closed-source components, but do not provide a spec...

PT-2025-44922

Name of the Vulnerable Software and Affected Versions Windows Compute affected versions not specified Description A memory corruption issue exists when performing encryption and decryption commands. This can lead to an out-of-bounds write condition. Recommendations At the moment, there is no...

EUVD-2021-1273

Malware in sbrugna...

EUVD-2023-25819

Malicious code in bioql PyPI...

EUVD-2024-1003

Malicious code in bioql PyPI...

Security update for libgcrypt

This update for libgcrypt fixes the following issues: CVE-2024-2236: timing-based side-channel flaw in RSA implementation can lead to decryption of RSA ciphertexts bsc1221107. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

CLSA-2025-1746792031 golang: Fix of 2 CVEs

CVE-2024-34156: prevent prevents stack exhaustion when attempting to decode a message that contains an extremely deeply nested struct - CVE-2023-45287: replace big.Int for encryption and decryption...

OESA-2025-1076 podman security update

Podman manages the entire container ecosystem which includes pods, containers, container images, and container volumes using the libpod library. Security Fixes: If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavio...

CVE-2024-56690

In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Call crypto layer directly when padatadoparallel return -EBUSY Since commit 8f4f68e788c3 "crypto: pcrypt - Fix hungtask for PADATARESET", the pcrypt encryption and decryption operations return -EAGAIN when the CP...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption that occurs when processing IOCTL calls invoked from user space to validate non-extended FIPS encryption and decryption function...

CVE-2024-56690

In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Call crypto layer directly when padatadoparallel return -EBUSY Since commit 8f4f68e788c3 "crypto: pcrypt - Fix hungtask for PADATARESET", the pcrypt encryption and decryption operations return -EAGAIN when the CP...