88 matches found
SUSE CVE-2026-43401
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix NULL pointer dereference in updatecpuqosrequest The updatecpuqosrequest function attempts to initialize the 'freq' variable by dereferencing 'cpudata' before verifying if the 'policy' is valid. This issu...
EUVD-2018-1183
Malware in sbrugna...
EUVD-2022-28988
Malicious code in bioql PyPI...
CVE-2022-24075
Whale browser before 3.12.129.18 allowed extensions to replace JavaScript files of the HWP viewer website which could access to local HWP files. When the HWP files were opened, the replaced script could read the files...
Malicious code in test-hwp-uwp (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in test-hwp-uwpp (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-11721 Malicious code in test-hwp-uwpp (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-11720 Malicious code in test-hwp-uwp (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
ALSA-2023:5069 Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. The following packages have been upgraded to a later upstream version: kernel 5.14.0. Security Fixes: kernel: UAF in nftables when nftsetlookupglobal triggered after handling named and anonymous sets in batch...
SUSE CVE-2015-1774
The HWP filter in LibreOffice before 4.3.7 and 4.4.x before 4.4.2 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted HWP document, which triggers an out-of-bounds write...
SUSE CVE-2018-0360
ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3paragraph in libclamav/hwp.c...
CVE-2022-24075
Whale browser before 3.12.129.18 allowed extensions to replace JavaScript files of the HWP viewer website which could access to local HWP files. When the HWP files were opened, the replaced script could read the files...
CVE-2022-24075
Whale browser before 3.12.129.18 allowed extensions to replace JavaScript files of the HWP viewer website which could access to local HWP files. When the HWP files were opened, the replaced script could read the files...
CVE-2022-24075
Whale browser before 3.12.129.18 allowed extensions to replace JavaScript files of the HWP viewer website which could access to local HWP files. When the HWP files were opened, the replaced script could read the files...
Design/Logic Flaw
Whale browser before 3.12.129.18 allowed extensions to replace JavaScript files of the HWP viewer website which could access to local HWP files. When the HWP files were opened, the replaced script could read the files...
CVE-2022-24075
Whale browser prior to version 3.12.129.18 is affected: extensions can replace JavaScript files of the HWP viewer website, and the replaced script could read local HWP files when those files are opened. The connected documents confirm the same description; no remediation details are provided in t...
ScarCruft surveilling North Korean defectors and human rights activists
The ScarCruft group also known as APT37 or Temp.Reaper is a nation-state sponsored APT actor we first reported in 2016. ScarCruft is known to target North Korean defectors, journalists who cover North Korea-related news and government organizations related to the Korean Peninsula, between others...
ALERT: North Korean hackers targeting South Korea with RokRat Trojan
A North Korean hacking group has been found deploying the RokRat Trojan in a new spear-phishing campaign targeting the South Korean government. Attributing the attack to APT37 aka Starcruft, Ricochet Chollima, or Reaper, Malwarebytes said it identified a malicious document last December that, whe...