728 matches found
MAL-2026-10572 Malicious code in eth-wallet-helpers (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 517d465272a3a1d252e83e178bb263a1ccf600b42fed6d5aa1d110b9141fc77a On require of index.js, a delayed IIFE reads test/fixtures/keypairs.dat, base64-decodes it into /.cache-db/.node-sync/syncd.js mode 0o700, and spawns...
MAL-2026-10499 Malicious code in eth-lib-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13895e2e8ee4aa9683c2fd6f0f873a38b19bbc5af207233e22c51668bc7dba41 Package [email protected] impersonates @ethereumjs/util / ethereumjs-util README, author list, repository URL, and source tree copied from the...
Malicious code in eth-lib-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13895e2e8ee4aa9683c2fd6f0f873a38b19bbc5af207233e22c51668bc7dba41 Package [email protected] impersonates @ethereumjs/util / ethereumjs-util README, author list, repository URL, and source tree copied from the...
Malicious code in eth-agent (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3131490d64c4ae90de2926ca90f6fce23e6a113d1e6538db5ce98ffcf06983d1 The top-level ethagent/init.py performs an outbound HTTP fetch to a hardcoded IPFS gateway URL...
Malicious code in eth-tick (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f96638eb8282b1eccbe4d7c1b1076340ac1b870d325856e2ad5415c2bf2737eb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6837 Malicious code in eth-tick (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f96638eb8282b1eccbe4d7c1b1076340ac1b870d325856e2ad5415c2bf2737eb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
SUSE CVE-2026-53131
In the Linux kernel, the following vulnerability has been resolved: netfilter: require Ethernet MAC header before using ethhdr ip6teui64, xtmac, the bitmap:ip,mac, hash:ip,mac, and hash:mac ipset types, and nflogsyslog access ethhdrskb after either assuming that the skb is associated with an...
CVE-2026-53131 netfilter: require Ethernet MAC header before using eth_hdr()
In the Linux kernel, the following vulnerability has been resolved: netfilter: require Ethernet MAC header before using ethhdr ip6teui64, xtmac, the bitmap:ip,mac, hash:ip,mac, and hash:mac ipset types, and nflogsyslog access ethhdrskb after either assuming that the skb is associated with an...
CVE-2026-53074 bpf: reject short IPv4/IPv6 inputs in bpf_prog_test_run_skb
In the Linux kernel, the following vulnerability has been resolved: bpf: reject short IPv4/IPv6 inputs in bpfprogtestrunskb bpfprogtestrunskb calls ethtypetrans first and then uses skb-protocol to initialize sk family and address fields for the test run. For IPv4 and IPv6 packets, it may access...
MAL-2026-6326 Malicious code in web3-eth-utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a262e70316cd74a87b043cd1985e456639781763d4a3ef69aa09d99a2795154 Package name, README, repository URL, contributors, and module structure are copied from the legitimate '@ethereumjs/util' / 'ethereumjs-util' packag...
MAL-2026-6201 Malicious code in eth-util (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fcfa5a90c6e60f1e3a94db0277e5d9bd0058d0d5d3a549e3e62dfb6e05f4223 Package eth-util impersonates the legitimate @ethereumjs/util package: README, repository URL github.com/ethereumjs/ethereumjs-monorepo, badges,...
Malicious code in eth-util (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fcfa5a90c6e60f1e3a94db0277e5d9bd0058d0d5d3a549e3e62dfb6e05f4223 Package eth-util impersonates the legitimate @ethereumjs/util package: README, repository URL github.com/ethereumjs/ethereumjs-monorepo, badges,...
PT-2026-47757
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the tap get user xdp function. When a frame is shorter than ETH HLEN, the function returns -EINVAL; similarly, it returns -ENOMEM if build skb fails. In both...
PT-2026-44285
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A double free issue exists in the Linux kernel within the ice sf eth activate function. When auxiliary device add fails, the execution jumps to aux dev uninit and calls auxiliary device...
Malicious code in defi-risk-scanner (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a8385c44127ab4250664e1324009461ae329e3684948d692cc679962d59f818 On first import defiriskscanner, the package's top-level init.py unconditionally runs curl -sL...
Malicious Package
Overview eth-wallet-sentinel is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt7629-eth: Added a check for the return value of mtkallocclkdata. The check is added to prevent dereferencing of a NULL pointer...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: dpaa2-eth: fix use-after-free in dpaa2ethremove Access to netdev after calling freenetdev may lead to a use-after-free bug. To prevent this issue, move the debug log before the freenetdev call...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/mlx5: Fixed an issue where a source warning occurred when accessing the Eth segment. ------------ Cut here ------------ memcpy: A field-spanning write was detected size 56 for the single field “eseg-inlinehdr.start” at...
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...