183 matches found
MAL-2025-70369 Malicious code in retail-fuchsia-whale (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 57fcf01baeb45153fdeb74f5950e864474bca62a8285e3b6678078932d677763 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2022-15439
Malicious code in bioql PyPI...
EUVD-2024-32906
Malicious code in bioql PyPI...
CVE-2022-0882
A bug exists where an attacker can read the kernel log through exposed Zircon kernel addresses without the required capability ZXRSRCKINDROOT. It is recommended to upgrade the Fuchsia kernel to 4.1.1 or greater...
CVE-2024-10604
Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields, specifically the TCP ISN, TCP timestamp, TCP and UDP source ports, and IPv4/IPv6 fragment ID allow for these values to be guessed under circumstances...
CVE-2024-10604
Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields, specifically the TCP ISN, TCP timestamp, TCP and UDP source ports, and IPv4/IPv6 fragment ID allow for these values to be guessed under circumstances...
CVE-2024-10604
CVE-2024-10604 affects Fuchsia’s network header field generation algorithms. Vulnerable components include the TCP Initial Sequence Number (ISN), TCP timestamp, TCP/UDP source ports, and IPv4/IPv6 fragment IDs, which can be guessed under certain circumstances. The available connected sources iden...
CVE-2024-10604 Identifiable Header Values In Fuchsia Leading To Tracking of The User
Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields, specifically the TCP ISN, TCP timestamp, TCP and UDP source ports, and IPv4/IPv6 fragment ID allow for these values to be guessed under circumstances...
PT-2025-1599 · Google · Fuchsia
Name of the Vulnerable Software and Affected Versions: Fuchsia affected versions not specified Description: The issue concerns vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields. Specifically, the vulnerabilities affect the TCP Initial Sequence Number ISN...
MAL-2024-9712 Malicious code in minimum-fuchsia-cattle (npm)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in minimum-fuchsia-cattle (npm)
--- -= Per source details. Do not edit below this line.=-...
fuchsia-star.com Cross Site Scripting vulnerability OBB-3002250
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
fuchsia-star.com Cross Site Scripting vulnerability OBB-2740479
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
The vulnerability of the Fuchsia operating system’s kernel allows a hacker to gain unauthorized access to protected information.
The vulnerability of the Fuchsia operating system’s kernel is related to the exposure of information. Exploiting this vulnerability could allow an intruder to gain unauthorized access to protected information...
CVE-2022-0882
A bug exists where an attacker can read the kernel log through exposed Zircon kernel addresses without the required capability ZXRSRCKINDROOT. It is recommended to upgrade the Fuchsia kernel to 4.1.1 or greater...
CVE-2022-0882
A bug exists where an attacker can read the kernel log through exposed Zircon kernel addresses without the required capability ZXRSRCKINDROOT. It is recommended to upgrade the Fuchsia kernel to 4.1.1 or greater...
Design/Logic Flaw
A bug exists where an attacker can read the kernel log through exposed Zircon kernel addresses without the required capability ZXRSRCKINDROOT. It is recommended to upgrade the Fuchsia kernel to 4.1.1 or greater...
CVE-2022-0882
CVE-2022-0882 affects the Fuchsia kernel (Zircon kernel addresses) and allows information disclosure: an attacker can read the kernel log via exposed Zircon kernel addresses without the required capability ZX_RSRC_KIND_ROOT. The issue is triggered by access to low-level kernel addressing, enablin...
CVE-2022-0882 Illegal access to Kernel log in Fuchsia
A bug exists where an attacker can read the kernel log through exposed Zircon kernel addresses without the required capability ZXRSRCKINDROOT. It is recommended to upgrade the Fuchsia kernel to 4.1.1 or greater...
CVE-2021-22556 Integer Overflow in Fuchsia Kernel
The Security Team discovered an integer overflow bug that allows an attacker with code execution to issue memory cache invalidation operations on pages that they don’t own, allowing them to control kernel memory from userspace. We recommend upgrading to kernel version 4.1 or beyond...