19813 matches found
CVE-2026-47271
The CVE affects pam_usb prior to version 0.9.0, where out-of-memory guards in src/mem.c (xmalloc/xrealloc/xstrdup) were removed when NDEBUG is defined. With no NULL checks after allocation, NULL pointer dereferences occur, causing a crash in the PAM module loaded by sudo or login and leading to l...
Linux Distros Unpatched Vulnerability : CVE-2025-71180
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - counter: interrupt-cnt: Drop IRQFNOTHREAD flag An IRQ handler can either be IRQFNOTHREAD or acquire spinlockt, as CONFIGPROVERAWLOCKNESTING warns:...
CVE-2025-68807 block: fix race between wbt_enable_default and IO submission
In the Linux kernel, the following vulnerability has been resolved: block: fix race between wbtenabledefault and IO submission When wbtenabledefault is moved out of queue freezing in elevatorchange, it can cause the wbt inflight counter to become negative -1, leading to hung tasks in the writebac...
Malicious code in web-route-final-nu-route (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a5c7be5f1d5e20af05a8a41845cf88aa11d49fe80adadaa957e21395a29b1a4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in farout-quark-joviology-nodejs (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c230aeb0dbc961504d4d49ed9821e3c3a573289a1d57329fe4e15a004318974b This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in orbit-typeorm-nucleosynthesis-tectonic (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6dd0f8906ebfbf9c904bb008379e1ef26813caad53f6b2009b17913f630de464 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in assert-zeta-visualize-data-char (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2bf70c747e8b5236dda3b3cab1f3c6287cc1cca1e6a49f13b239239537aabba5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in star-permission-parse-assert-small (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a8fb324b2acae3a24eb32deb53820b89c37d9ead245b8e2cfde66d4842fadb29 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hadron-vuetify-astrophysics-prompts (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3a023aa918b6df89cf02b3fb9cbff1e261dbb97330b127160a907246a48e94bf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in neuromorphic-cybernetics-cosmogenic-neutronstar (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 160b9ee422b1614bc10ab76b17cfd59829dd820e115922f452f8253b0f2750f1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in hydrogeology-mesosphere-event-troposphere (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f812fa3ee6deb8d0b6857a56a2cb4fc70b77fbaea0dac5eb3f17d280be3a633 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in supernova-astrochemistry-webpack-supervisor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ea0a97a162095a0ef04e01b4076c2c65caf6fe9f6509d012f347112f447a2040 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in chalk-soap-eris-mini-css-extract-plugin (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9dfb806249dbb13adc7a707fc35469c24fed0c44496bb851f9c5dfff3945dee This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in geoarchaeology-oberon-proteomics-xenon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4457df8bb683c248eb0726675b92eb63a0c31125a2f8c3dbdee0b1dae031dcfb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in sync-vega-apex-prettier-plugin-markdown (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7049cee782d42510430e26832fb304bb48636354de220eb85f797b763b0df0d2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in centaurus-miranda-meteor-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f9dfde358d6a071c63d8cd5d8c57a54d7e60b2c7c26ccf05411518e4daeeb61 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in library-archaeoastronomy-winston-spica (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbe3dcb39beccc420438542d11282f21171bd86c34f18ac5d213fcc6caa0eed6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in grep-pi-final-interpret-cloud (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5422369c9543fe29291dab0ecd21197d00e62b593a25270abd1b25736f3bec0a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in thread-link-code-stack-old (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0332ea06ac8e14a11d6373d745a8c9acfba7cf0627fbf54277743d4d2dcd8414 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in rocket-fomalhaut-sirius-kronos (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 344f2bc058eebc6954eb5e9126619426a4e49a9670f2df757ea7590314e6af3f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...