Lucene search

2117 matches found

OSSF Malicious Packages
added 2025/10/29 10:47 p.m., 3 views

Malicious code in ul-inline (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 15d6bb031b2303d28ce8296da9c8f534d9576044e57faffcf455a70b24aa6b9c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 6.8
Exploits: 0, References: 2

EUVD
added 2025/10/29 10:47 p.m., 0 views

EUVD-2025-36817

Malicious code in ul-inline npm...

AI score: 6.6
Exploits: 0, References: 1

OSV
added 2025/10/29 10:47 p.m., 1 view

MAL-2025-49063 Malicious code in ul-inline (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 15d6bb031b2303d28ce8296da9c8f534d9576044e57faffcf455a70b24aa6b9c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score: 6.8
Exploits: 0, References: 2

OSV
added 2025/10/29 2:15 p.m., 3 views

AZL-69027 CVE-2025-40083 affecting package kernel for versions less than 6.6.117.1-1

In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix null-deref in agg_dequeue. To prevent a potential crash in agg_dequeue (net/sched/sch_qfq.c) when cl->qdisc->ops->peek(cl->qdisc) returns NULL, we check the return value before using it, similar to the existing approac...

AI score: 5.7, EPSS: 0.00083
Exploits: 0, References: 1

CVE
added 2025/10/29 1:37 p.m., 7 views

CVE-2025-40083

In CVE-2025-40083, the Linux kernel net/sched SCH_QFQ implementation suffered a potential NULL pointer dereference in agg_dequeue when cl->qdisc->ops->peek() could return NULL. The fix adds a guard by validating the peek result before use, mirrors the approach used in sch_hfsc.c, and ref...

AI score: 6.3, EPSS: 0.00083
Exploits: 0, References: 7

Snyk
added 2025/10/28 10:41 p.m., 3 views

Cross-site Scripting (XSS)

Overview: DotNetNuke.Core is a references provider to the DotNetNuke.dll to develop extensions for the DNN Platform. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the rendering of inline SVG files. An attacker can execute arbitrary scripts in the context of the...

CVSS: 6.4, AI score: 5.5, EPSS: 0.00055
Exploits: 0, References: 2

OSV
added 2025/10/27 8:24 p.m., 2 views

CLSA-2025-1761596679 Update of gcc

gcc48-cfns-fix-protos: fix arm cross building inline issue...

AI score: 5.6
Exploits: 0, References: 1

Tenable Nessus
added 2025/10/27 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2023-53692

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline. Syzbot found the...

AI score: 5.7, EPSS: 0.00044
Exploits: 0, References: 2

SUSE CVE
added 2025/10/23 11:22 p.m., 1 view

SUSE CVE-2025-62707

pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...

CVSS: 5.3, AI score: 6.9, EPSS: 0.00051
Exploits: 0, References: 3

GithubExploit
added 2025/10/23 12:18 p.m., 496 views

Exploit for CVE-2025-62506

CVE-2025-62506 Vulnerability Verification Script. Chinese version: https...

CVSS: 8.1, AI score: 7.5, EPSS: 0.00023
Exploits: 1

Veracode
added 2025/10/23 8:2 a.m., 4 views

Cross-site Scripting (XSS)

wabac.js is vulnerable to Cross-site Scripting (XSS). The vulnerability is due to improper sanitization of the requestURL parameter embedded directly into an inline...

CVSS: 7.1, AI score: 6.7, EPSS: 0.00085
Exploits: 0, References: 4, Affected Software: 3

SUSE CVE
added 2025/10/22 11:59 p.m., 2 views

SUSE CVE-2023-53692

In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free read in ext4_find_extent for bigalloc + inline. Syzbot found the following issue: loop0: detected capacity change from 0 to 2048 EXT4-fs loop0: mounted filesystem 00000000-0000-0000-0000-000000000000 without...

CVSS: 5.5, AI score: 6.4, EPSS: 0.00044
Exploits: 0, References: 7

NVD
added 2025/10/22 10:15 p.m., 3 views

CVE-2025-62707

pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...

CVSS: 8.7, EPSS: 0.00051
Exploits: 0, References: 4

OSV
added 2025/10/22 10:15 p.m., 1 view

DEBIAN-CVE-2025-62707

pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...

CVSS: 7.5, AI score: 5.3, EPSS: 0.00051
Exploits: 0, References: 1

OSV
added 2025/10/22 10:15 p.m., 0 views

UBUNTU-CVE-2025-62707

pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...

CVSS: 8.7, AI score: 7, EPSS: 0.00051
Exploits: 0, References: 6

Vulnrichment
added 2025/10/22 9:36 p.m., 2 views

CVE-2025-62707 pypdf affected by possible infinite loop when reading DCT inline images without EOF marker

pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...

CVSS: 8.7, AI score: 6.5, EPSS: 0.00051
Exploits: 0, References: 4

OSV
added 2025/10/22 9:36 p.m., 1 view

CVE-2025-62707 pypdf affected by possible infinite loop when reading DCT inline images without EOF marker

pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...

CVSS: 8.7, AI score: 6.9, EPSS: 0.00051
Exploits: 0, References: 6

CVE
added 2025/10/22 9:36 p.m., 17 views

CVE-2025-62707

CVE-2025-62707 affects the pypdf Python PDF library. Before version 6.1.3, parsing the content stream of a page that contains an inline image using the DCTDecode filter can lead to an infinite loop. IBM and linked advisories note this vulnerability is fixed in pypdf 6.1.3; remediation includes up...

CVSS: 8.7, AI score: 6.5, EPSS: 0.00051
Exploits: 0, References: 4, Affected Software: 1

Debian CVE
added 2025/10/22 9:36 p.m., 4 views

CVE-2025-62707

pypdf is a free and open-source pure-python PDF library. Prior to version 6.1.3, an attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. This has been fixed in...

CVSS: 8.7, AI score: 5.3, EPSS: 0.00051
Exploits: 0

GitHub Security Blog
added 2025/10/22 7:40 p.m., 7 views

pypdf possibly loops infinitely when reading DCT inline images without EOF marker

Impact: An attacker who uses this vulnerability can craft a PDF which leads to an infinite loop. This requires parsing the content stream of a page which has an inline image using the DCTDecode filter. Patches: This has been fixed in pypdf==6.1.3. Workarounds: If you cannot upgrade yet, consider...

CVSS: 8.7, AI score: 6.8, EPSS: 0.00051
Exploits: 0, References: 6, Affected Software: 1