65 matches found
Malicious code in bfx-hf-strategy-perf (npm)
Source: amazon-inspector (aac057221646f5043eab6606ba990a3a112afc149c583347e40321643deab7ba) The package bfx-hf-strategy-perf was found to contain malicious code. Source: ossf-package-analysis...
MINI-FXXV-37MV-HFHC
Bulletin has no description...
Resource management error vulnerability in multiple Siemens products
Siemens SIMATIC ET 200AL and others are products of Siemens, Germany. Siemens SIMATIC ET 200AL is a distributed I/O system module. Siemens SIMATIC ET 200MP is a modular I/O system module for use in control cabinets for high-density channel applications. Siemens SIMATIC ET 200SP is a distributed I/O...
UBUNTU-CVE-2025-68343
In the Linux kernel, the following vulnerability has been resolved: can: gs_usb: gs_usb_receive_bulk_callback: check actual_length before accessing header. The driver expects to receive a struct gs_host_frame in gs_usb_receive_bulk_callback. Use struct_group to describe the header of the struct gs_host_frame and...
CVE-2025-68343
CVE-2025-68343 in the Linux kernel affects the can: gs_usb driver (gs_usb_receive_bulk_callback). The vulnerability arises from not validating the actual_length before accessing the gs_host_frame header, risking dereference of an incomplete header. The fix uses struct_group to describe the header...
CVE-2025-48593
In bta_hf_client_cb_init of bta_hf_client_main.cc, there is a possible remote code execution due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2025-197910
In bta_hf_client_cb_init of bta_hf_client_main.cc, there is a possible remote code execution due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48593
In bta_hf_client_cb_init of bta_hf_client_main.cc, there is a possible remote code execution due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48593
The CVE-2025-48593 entry concerns a remote code execution flaw in Android’s system code, specifically within the bta_hf_client_main.cc path (bta_hf_client_cb_init). The root cause is a missing bounds check during processing of network packets, enabling a buffer overflow via memcpy into a fixed-si...
ASB-A-374746961
In bta_hf_client_cb_init of bta_hf_client_main.cc, there is a possible remote code execution due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation...
EUVD-2025-36782
Malicious code in airbnb-base-hf npm...
Malicious code in airbnb-base-hf (npm)
Source: ghsa-malware (8f8ad4bb6eac712ed5b01efbb7a4e455306cdf4f9114c6d604fa49af1f3c1875) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious Package
Overview: airbnb-base-hf is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2025-48976 Malicious code in airbnb-base-hf (npm)
Source: ghsa-malware (8f8ad4bb6eac712ed5b01efbb7a4e455306cdf4f9114c6d604fa49af1f3c1875) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-28714
Improper access control in firmware for some Intel(R) PROSet/Wireless WiFi software for Windows before version 22.220 HF (Hot Fix) may allow a privileged user to potentially enable escalation of privilege via local access...
Malicious code in euf-ele-hf (npm)
Source: ossf-package-analysis (a7cfc361d149da8b9d35ea0df759689a516eed93545d9966146e4652bc08aa2a) The OpenSSF Package Analysis project identified 'euf-ele-hf' @ 1.0.0 (npm) as malicious. It is considered malicious because: - The package...
MAL-2025-3280 Malicious code in euf-ele-hf (npm)
Source: ossf-package-analysis (a7cfc361d149da8b9d35ea0df759689a516eed93545d9966146e4652bc08aa2a) The OpenSSF Package Analysis project identified 'euf-ele-hf' @ 1.0.0 (npm) as malicious. It is considered malicious because: - The package...
CVE-2024-5865
Vulnerability in Delinea Centrify PAS v. 21.3 and possibly others. The application is prone to a path traversal vulnerability that allows reading arbitrary files outside the web publish directory. Versions 23.1-HF7 and on have the patch...
Atos Unify OpenScape Path Traversal Vulnerability
Atos Unify OpenScape is a native SIP-based real-time Voice over IP system from Atos Unify. A path traversal vulnerability exists in versions prior to Atos Unify OpenScape Xpressions WebAssistant V7 V7R1 FR5 HF42 P911 that stems from allowing path traversal...
PT-2023-29529 · Rsa · Archer Platform
Name of the Vulnerable Software and Affected Versions: Archer Platform versions 6.x through 6.13 P2 HF1. Archer Platform version 6.13 P2 HF2 is not affected, but versions prior to 6.13 P2 HF2 are vulnerable. Description: The issue is a stored cross-site scripting (XSS) vulnerability. A remote...