11 matches found
CVE-2026-35344
The dd utility in uutils coreutils suppresses errors during file truncation operations by unconditionally calling Result::ok on truncation attempts. While intended to mimic GNU behavior for special files like /dev/null, the uutils implementation also hides failures on regular files and directorie...
CVE-2026-35344 uutils coreutils dd Silent Data Corruption via Unconditional Truncation Error Suppression
The dd utility in uutils coreutils suppresses errors during file truncation operations by unconditionally calling Result::ok on truncation attempts. While intended to mimic GNU behavior for special files like /dev/null, the uutils implementation also hides failures on regular files and directorie...
MAL-2026-1487 Malicious code in vitest-config (npm)
Malicious package due to preinstall script execution, system info gathering, Discord webhook usage for data exfiltration, and error suppression. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d6cfc9315582e56556f40906f86a19927ad32b3826548896d1eaf23e0705243 The...
Malicious code in vitest-config (npm)
Malicious package due to preinstall script execution, system info gathering, Discord webhook usage for data exfiltration, and error suppression. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9d6cfc9315582e56556f40906f86a19927ad32b3826548896d1eaf23e0705243 The...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unpropagated return value that could result in an error being suppressed...
CVE-2023-53758 spi: atmel-quadspi: Free resources even if runtime resume failed in .remove()
In the Linux kernel, the following vulnerability has been resolved: spi: atmel-quadspi: Free resources even if runtime resume failed in .remove() An early error exit in atmel_qspi_remove() doesn't prevent the device unbind. So this results in an spi controller with an unbound parent and unmapped regist...
GHSA-6M9G-JR8C-CQW3 Depth counting error in guard() leading to multiple potential security issues in aioxmpp
Impact: Possible remote Denial of Service or Data Injection. Patches: Patches are available in https://github.com/horazont/aioxmpp/pull/268. They have been backported to the 0.10 release series and 0.10.3 is the first release to contain the fix. Workarounds: To make the bug exploitable, an error...
SUSE-SU-2016:2974-1 Security update for pacemaker
This update for pacemaker fixes the following issues: - remote: Allow cluster and remote LRM API versions to diverge (bsc#1009076) - libcrmcommon: fix CVE-2016-7035 (improper IPC guarding) (bsc#1007433) - sysconfig: minor tweaks (typo, wording) - spec: more robust check for systemd being in use - spec:...
CVE-2013-3428
CVE-2013-3428 affects Cisco Secure Access Control System (ACS). The web interface does not properly suppress error-condition details due to insufficient filtering of error output, allowing remote authenticated users to obtain sensitive information via an error-triggering request (Bug ID CSCue6595...
eNM-0.0.1.txt
easy notes manager (eNM) version 0.0.1, available at http://217.172.179.216/evandor/html/index.php?id=103, is affected by multiple SQL injection vulnerabilities due to a missing check of the user-supplied input. An attacker can bypass the authentication procedure and get a full dump of the database...
fuseXSS.txt
This was discovered by myself over the weekend. I can't find out what versions of fusebox this vulnerability is in, but seeing as it affects the main fusebox page I can only assume it is the latest v4.1.0 and possibly some older versions. According to the Fusebox site, What is Fusebox? Fusebox is a...