
8 matches found

OSSF Malicious Packages
added 2025/11/24 4:31 p.m., 5 views

Malicious code in @posthog/event-sequence-timer-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db26ed26bc40e436602c36fa1c507d324e650f5aeba5a15875e59daadc8a5a14 The package @posthog/event-sequence-timer-plugin was found to contain malicious code. Source: google-open-source-security...

AI score: 6.9
Exploits: 0, References: 3
EUVD
added 2025/11/24 4:31 p.m., 1 view

EUVD-2025-198948

Malicious code in @posthog/event-sequence-timer-plugin npm...

AI score: 6.6
Exploits: 0
OSV
added 2025/09/04 4:15 p.m., 2 views

AZL-66863 CVE-2025-38679 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: media: venus: Fix OOB read due to missing payload bound check. Currently, the event_seq_changed handler processes a variable number of properties sent by the firmware. The number of properties is indicated by the firmware and used t...

CVSS: 7.1, AI score: 5.8, EPSS: 0.00017
Exploits: 0, References: 1
NVD
added 2025/09/04 4:15 p.m., 2 views

CVE-2025-38679

In the Linux kernel, the following vulnerability has been resolved: media: venus: Fix OOB read due to missing payload bound check. Currently, the event_seq_changed handler processes a variable number of properties sent by the firmware. The number of properties is indicated by the firmware and used t...

CVSS: 7.1, EPSS: 0.00017
Exploits: 0, References: 8
CVE
added 2025/09/04 3:32 p.m., 19 views

CVE-2025-38679

CVE-2025-38679 – Linux kernel media venus OOB read: The vulnerability is in media: venus, where event_seq_changed() processes a firmware property count without validating the payload length, enabling out-of-bounds memory access. Impact: kernel crashes and potential information disclosure if firmw...

CVSS: 7.1, AI score: 5.7, EPSS: 0.00017
Exploits: 0, References: 8, Affected Software: 1
Positive Technologies
added 2025/05/19 12:0 a.m., 1 view

PT-2025-35952

Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: The event seq changed handler in the Linux kernel does not validate the payload size against the message length, potentially leading to out-of-bounds memory access if the firmware provid...

CVSS: 7.1, AI score: 7, EPSS: 0.00017
Exploits: 0
Mageia
added 2021/12/30 4:41 p.m., 46 views

Updated libtpms/swtpm packages fix security vulnerability

CryptSym: fix AES output IV CVE-2021-3505. Fixed a context save and suspend/resume problem when public keys are loaded. Reset too large size indicators in TPM2B to avoid access beyond buffer CVE-2021-3623 Restore original value in buffer if unmarshalled one was illegal Fixed out-of-bounds access...

CVSS: 7.1, AI score: 2.8, EPSS: 0.00186
Exploits: 1, References: 9
OSV
added 2021/12/30 4:41 p.m., 7 views

MGASA-2021-0590 Updated libtpms/swtpm packages fix security vulnerability

CryptSym: fix AES output IV CVE-2021-3505. Fixed a context save and suspend/resume problem when public keys are loaded. Reset too large size indicators in TPM2B to avoid access beyond buffer CVE-2021-3623 Restore original value in buffer if unmarshalled one was illegal Fixed out-of-bounds access...

CVSS: 7.1, AI score: 5.9, EPSS: 0.00186
Exploits: 1, References: 10