474 matches found
Malicious code in magic-enum (npm)
The package communicates with a domain associated with malicious activity. Source: ghsa-malware (598b85d2cd40d3abeef6fd8285d482735da83dc1711554425a6923673d7698e6). Any computer that has this package installed or running should be considered...
ntfs3: Add bounds checking to mi_enum_attr()
...
MAL-2025-184 Malicious code in enum-bug-keys (npm)
Source: ghsa-malware (ac5c7a3ad4ff0bbfe09e6cac40b10a7e6a0c15ffb81adb37274df55278e3b4b9). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in enum-bug-keys (npm)
Source: ghsa-malware (ac5c7a3ad4ff0bbfe09e6cac40b10a7e6a0c15ffb81adb37274df55278e3b4b9). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2026-21524
Name of the Vulnerable Software and Affected Versions: 389 Directory Server versions prior to 3.0.6git249.6688af9b2. Description: A heap buffer overflow vulnerability exists in the schema attr enum callback function within the schema.c file of 389 Directory Server. This occurs because the code...
GHSA-QQWR-J9MM-FHW6 deno_doc's HTML generator vulnerable to Cross-site Scripting
Summary: Several cross-site scripting vulnerabilities existed in the deno_doc crate which lead to Self-XSS with deno doc --html. Details & PoC: 1. XSS in generated search_index.js: deno_doc outputted a JavaScript file for searching. However, the generated file used innerHTML on unsanitized HTML input...
CVE-2024-32468
Deno is a runtime for JavaScript and TypeScript written in Rust. Several cross-site scripting vulnerabilities existed in the deno_doc crate which lead to Self-XSS with deno doc --html. 1. XSS in generated search_index.js: deno_doc outputs a JavaScript file for searching. However, the generated file...
CVE-2024-32468 Improper neutralization of input during web page generation ("Cross-site Scripting") in deno_doc HTML generator
Deno is a runtime for JavaScript and TypeScript written in Rust. Several cross-site scripting vulnerabilities existed in the deno_doc crate which lead to Self-XSS with deno doc --html. 1. XSS in generated search_index.js: deno_doc outputs a JavaScript file for searching. However, the generated file...
DEBIAN-CVE-2024-50248
In the Linux kernel, the following vulnerability has been resolved: ntfs3: Add bounds checking to mi_enum_attr(). Added bounds checking to make sure that every attr doesn't stray beyond valid memory region...
AZL-53028 CVE-2024-50248 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: ntfs3: Add bounds checking to mi_enum_attr(). Added bounds checking to make sure that every attr doesn't stray beyond valid memory region...
CVE-2024-46871
A flaw was found in the AMD Radeon graphics card driver in the Linux kernel. Out-of-bounds access can be triggered due to arrays being created based on the wrong number of maximum DMUB notification types available, resulting in a denial of service. Mitigation Mitigation for this issue is either n...
CVE-2024-46871 drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Correct the defined value for AMDGPU_DMUB_NOTIFICATION_MAX. Why & How: It actually exposes '6' types in enum dmub_notification_type. Not 5. Using smaller number to create array dmub_callback & dmub_thread_offload has...
IBM BigFix Relay Server Sites and Package Enum
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM BigFix Relay Server Sites and Package Enum', 'Description' = %q This module retrieves masthead, site, and available package information from...
SUSE CVE-2024-27407
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed overflow check in mi_enum_attr()...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an overflow problem discovered via the mi_enum_attr function...
CVE-2024-27008
A flaw was found in the Linux kernel’s nouveau module. An out-of-bounds access issue can be triggered when the Output Resource is zero, resulting in a denial of service. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product...
CVE-2024-27008
In the Linux kernel, the following vulnerability has been resolved: drm: nv04: Fix out of bounds access. When Output Resource (dcb->or) value is assigned in fabricate_dcb_output(), there may be out of bounds access to dac_users array in case dcb->or is zero because ffs(dcb->or) is used as index there. The 'or...
CVE-2024-27008 drm: nv04: Fix out of bounds access
In the Linux kernel, the following vulnerability has been resolved: drm: nv04: Fix out of bounds access. When Output Resource (dcb->or) value is assigned in fabricate_dcb_output(), there may be out of bounds access to dac_users array in case dcb->or is zero because ffs(dcb->or) is used as index there. The 'or...