MAL-2025-140990 Malicious code in commitlint-jovian-exec-figures (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b2a83712f940d043472046dfe7c051ea32c09b485d15a401d1e980e1167464e1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-141684 Malicious code in dorado-chalk-canopus-exec (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9780f97be9dad27f3d893ac69914d86d4366e962fcb1202373b7f0fab22d148d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-142361 Malicious code in exec-scorpius-toml-transform (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7daf0e843578606a660a5a5683f1243e6794785cedd068b8403e79e4357aa2cd This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-139804 Malicious code in await-proxima-mui-exec (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2d650a20b5908dc81ddf5fe514abf51c8ed0990e33cfb1fe510b4db247ea4ee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-124559

Malicious code in neptune-exec-radiant-wasat npm...

MAL-2025-140809 Malicious code in cli-rimraf-callback-exec (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 507b5deb9e378a4729ae079af92904564d22a267bae8b21fe5e7db7342c1e2cf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Linux Distros Unpatched Vulnerability : CVE-2025-40166

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/xe/guc: Check GuC running state before deregistering exec queue In normal operation, a registered exec queue is disabled and deregistered through the GuC, a...

PT-2025-46529

Name of the Vulnerable Software and Affected Versions Lite XL versions 2.1.8 and prior Description Lite XL is a lightweight, cross-platform text editor written in Lua and C, designed for extensibility via plugins and project-specific modules. The application executes project-level Lua modules and...

CVE-2025-12875

A weakness has been identified in mruby 3.4.0. This vulnerability affects the function aryfillexec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been...

UBUNTU-CVE-2025-12875

A weakness has been identified in mruby 3.4.0. This vulnerability affects the function aryfillexec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been...

CVE-2025-12875

A weakness has been identified in mruby 3.4.0. This vulnerability affects the function aryfillexec of the file mrbgems/mruby-array-ext/src/array.c. Executing a manipulation of the argument start/length can lead to out-of-bounds write. The attack needs to be launched locally. The exploit has been...

mruby 缓冲区错误漏洞

mruby is a lightweight implementation of the Ruby language open-sourced by makesoftwaresafe. A buffer error vulnerability exists in mruby version 3.4.0, which stems from incorrect manipulation of the start/length parameters of the function aryfillexec in the file...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990553)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990553 advisory. In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting1 Ariadne Conill: In several other...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990489)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990489 advisory. In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via...

Malicious code in jito-prop-exec (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2a17a99c383a4fa9a1c8e550e6f511297b7600b954644d178923e8073d3a9c5 The package jito-prop-exec was found to contain malicious code. Source: ghsa-malware 5a0c01062e391db56237859b73d9b8bbc69c940292f96aed7a72b1f2f7dd7d09...

EUVD-2025-37870

Malicious code in jito-prop-exec npm...

Malicious Package

Overview jito-prop-exec is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

MAL-2025-49359 Malicious code in jito-prop-exec (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d2a17a99c383a4fa9a1c8e550e6f511297b7600b954644d178923e8073d3a9c5 The package jito-prop-exec was found to contain malicious code. Source: ghsa-malware 5a0c01062e391db56237859b73d9b8bbc69c940292f96aed7a72b1f2f7dd7d09...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989158)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989158 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: khugepaged: skip huge page collapse for special files The read-only THP for filesystems will...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990367)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990367 advisory. In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via...