Lucene search
+L

728 matches found

OSV
OSV
added 3 days ago4 views

MAL-2026-10572 Malicious code in eth-wallet-helpers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 517d465272a3a1d252e83e178bb263a1ccf600b42fed6d5aa1d110b9141fc77a On require of index.js, a delayed IIFE reads test/fixtures/keypairs.dat, base64-decodes it into /.cache-db/.node-sync/syncd.js mode 0o700, and spawns...

6.1AI score
Exploits0References4
OSV
OSV
added 4 days ago4 views

MAL-2026-10499 Malicious code in eth-lib-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13895e2e8ee4aa9683c2fd6f0f873a38b19bbc5af207233e22c51668bc7dba41 Package [email protected] impersonates @ethereumjs/util / ethereumjs-util README, author list, repository URL, and source tree copied from the...

6.1AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 4 days ago7 views

Malicious code in eth-lib-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 13895e2e8ee4aa9683c2fd6f0f873a38b19bbc5af207233e22c51668bc7dba41 Package [email protected] impersonates @ethereumjs/util / ethereumjs-util README, author list, repository URL, and source tree copied from the...

6.1AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 5 days ago9 views

Malicious code in eth-agent (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3131490d64c4ae90de2926ca90f6fce23e6a113d1e6538db5ce98ffcf06983d1 The top-level ethagent/init.py performs an outbound HTTP fetch to a hardcoded IPFS gateway URL...

6.3AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/07/06 6:53 p.m.6 views

Malicious code in eth-tick (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f96638eb8282b1eccbe4d7c1b1076340ac1b870d325856e2ad5415c2bf2737eb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
OSV
OSV
added 2026/07/06 6:53 p.m.5 views

MAL-2026-6837 Malicious code in eth-tick (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f96638eb8282b1eccbe4d7c1b1076340ac1b870d325856e2ad5415c2bf2737eb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.9AI score
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/06/26 2:12 a.m.8 views

SUSE CVE-2026-53131

In the Linux kernel, the following vulnerability has been resolved: netfilter: require Ethernet MAC header before using ethhdr ip6teui64, xtmac, the bitmap:ip,mac, hash:ip,mac, and hash:mac ipset types, and nflogsyslog access ethhdrskb after either assuming that the skb is associated with an...

9.4CVSS5.8AI score0.00431EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/25 8:38 a.m.37 views

CVE-2026-53131 netfilter: require Ethernet MAC header before using eth_hdr()

In the Linux kernel, the following vulnerability has been resolved: netfilter: require Ethernet MAC header before using ethhdr ip6teui64, xtmac, the bitmap:ip,mac, hash:ip,mac, and hash:mac ipset types, and nflogsyslog access ethhdrskb after either assuming that the skb is associated with an...

9.4CVSS0.00431EPSS
Exploits0References7
OSV
OSV
added 2026/06/24 4:30 p.m.2 views

CVE-2026-53074 bpf: reject short IPv4/IPv6 inputs in bpf_prog_test_run_skb

In the Linux kernel, the following vulnerability has been resolved: bpf: reject short IPv4/IPv6 inputs in bpfprogtestrunskb bpfprogtestrunskb calls ethtypetrans first and then uses skb-protocol to initialize sk family and address fields for the test run. For IPv4 and IPv6 packets, it may access...

5.8AI score0.00164EPSS
Exploits0References11
OSV
OSV
added 2026/06/23 3:55 p.m.5 views

MAL-2026-6326 Malicious code in web3-eth-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a262e70316cd74a87b043cd1985e456639781763d4a3ef69aa09d99a2795154 Package name, README, repository URL, contributors, and module structure are copied from the legitimate '@ethereumjs/util' / 'ethereumjs-util' packag...

6.4AI score
Exploits0References2
OSV
OSV
added 2026/06/19 8:8 a.m.12 views

MAL-2026-6201 Malicious code in eth-util (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fcfa5a90c6e60f1e3a94db0277e5d9bd0058d0d5d3a549e3e62dfb6e05f4223 Package eth-util impersonates the legitimate @ethereumjs/util package: README, repository URL github.com/ethereumjs/ethereumjs-monorepo, badges,...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 8:8 a.m.14 views

Malicious code in eth-util (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6fcfa5a90c6e60f1e3a94db0277e5d9bd0058d0d5d3a549e3e62dfb6e05f4223 Package eth-util impersonates the legitimate @ethereumjs/util package: README, repository URL github.com/ethereumjs/ethereumjs-monorepo, badges,...

6.1AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.16 views

PT-2026-47757

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the tap get user xdp function. When a frame is shorter than ETH HLEN, the function returns -EINVAL; similarly, it returns -ENOMEM if build skb fails. In both...

8.2CVSS5.3AI score0.00235EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.24 views

PT-2026-44285

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A double free issue exists in the Linux kernel within the ice sf eth activate function. When auxiliary device add fails, the execution jumps to aux dev uninit and calls auxiliary device...

7.8CVSS6.2AI score0.00138EPSS
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/22 8:31 p.m.11 views

Malicious code in defi-risk-scanner (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5a8385c44127ab4250664e1324009461ae329e3684948d692cc679962d59f818 On first import defiriskscanner, the package's top-level init.py unconditionally runs curl -sL...

6AI score
Exploits0References6
Snyk
Snyk
added 2026/05/22 2:42 a.m.8 views

Malicious Package

Overview eth-wallet-sentinel is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt7629-eth: Added a check for the return value of mtkallocclkdata. The check is added to prevent dereferencing of a NULL pointer...

5.5CVSS5.1AI score0.00225EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net: dpaa2-eth: fix use-after-free in dpaa2ethremove Access to netdev after calling freenetdev may lead to a use-after-free bug. To prevent this issue, move the debug log before the freenetdev call...

7.8CVSS6.2AI score0.00227EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/mlx5: Fixed an issue where a source warning occurred when accessing the Eth segment. ------------ Cut here ------------ memcpy: A field-spanning write was detected size 56 for the single field “eseg-inlinehdr.start” at...

7.8CVSS6.4AI score0.00265EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/19 9:4 a.m.26 views

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

7.8CVSS6.7AI score0.00344EPSS
Exploits8References46
Rows per page
Query Builder