MAL-2026-4989 Malicious code in @cloudplatform-single-spa/svp-tags (npm)

Part of a dependency confusion attack campaign targeting the @cloudplatform-single-spa and @mlspace npm scopes. The attacker npm user mr.4nd3r50n published 139 scoped packages at the inflated version 99.99.99, which resolves ahead of any private registry version via npm's default version...

MAL-2025-107761 Malicious code in ready_tick-silentdev (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c8a78cddaf9a193d4581d8ae4f94ab148563c482e6d9f247a7c0143cd41b3647 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2008-1835

Malware in sbrugna...

SUSE CVE-2008-1835

ClamAV before 0.93 allows remote attackers to bypass the scanning enging via a RAR file with an invalid version number, which cannot be parsed by ClamAV but can be extracted by Winrar...

CVE-2021-3795

A flaw was found in the semver-regex library where it could lead to consuming a big amount of resources when executing specific strings. Attackers could take advantage of this by crafting an invalid version causing a disruption or a denial of service DoS...

Jobs fail with “Error: Invalid product version” after upgrade to Veeam Backup & Replication v9

Challenge After upgrading to Veeam Backup & Replication v9, all jobs fail with "Error: Invalid product version." Cause During the upgrade process the new v9 license file was not installed. Solution Install the new v9 license file that can be acquired from the support portal. The following link wi...

EMC IRM License Server DoS Server 4.6.1.1995

No description provided by source. Luigi Auriemma Application: EMC IRM License Server http://www.emc.com Versions: = 4.6.1.1995 Platforms: Windows Bugs: A version compat check FIPS NULL pointer B freezing caused by multiple commands C NULL pointer caused by commands after invalid version...

Null pointer dereference

The decryption function in Flagship Industries Ventrilo 3.0.2 and earlier allows remote attackers to cause a denial of service NULL pointer dereference and server crash by sending a type 0 packet with an invalid version followed by another packet to TCP port 3784...

CVE-2008-1835

ClamAV before 0.93 allows remote attackers to bypass the scanning enging via a RAR file with an invalid version number, which cannot be parsed by ClamAV but can be extracted by Winrar...

CVE-2008-1835

ClamAV before 0.93 allows remote attackers to bypass the scanning enging via a RAR file with an invalid version number, which cannot be parsed by ClamAV but can be extracted by Winrar...