Your phone called. It needs a cleanup.

Does it sometimes take your phone a few minutes to accomplish one simple task? That can be wildly frustrating. But you’re in luck, because we’ve got a free tool that scans your phone for leftover files, temporary data, outdated caches and helps you clean up all that junk. Introducing our Junk...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the spi microchip-core-qspi driver attempting to transmit junk data when simulating read-only...

CVE-2018-25328 VX Search 10.6.18 Local Buffer Overflow via Directory Field

VX Search 10.6.18 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying an oversized string in the directory field. Attackers can craft a malicious input file containing 271 bytes of junk data followed by a return address to execute...

CVE-2018-25328

VX Search 10.6.18 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying an oversized string in the directory field. Attackers can craft a malicious input file containing 271 bytes of junk data followed by a return address to execute...

MAL-2026-3682 Malicious code in @chahuadev/junk-sweeper-app (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3d446150767f92344d8d0a699f5879bd746200fb8beb60554408699868f03d51 The package's postinstall script package.json line 10: "postinstall": "node install.js" unconditionally fetches a platform-native executable from...

Astra Linux - уязвимость в pypy

Python versions prior to 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1, and 3.7.0 are vulnerable to catastrophic backtracking in the difflib.IS-LineJUNK method. An attacker could exploit this flaw to cause a denial of service. source-iocs-preserved const=ISLINEJUNK...

CVE-2016-20037

xwpe 1.5.30a-2.1 and prior contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying overly long input strings that exceed buffer boundaries. Attackers can craft malicious command-line arguments with 262 bytes of junk data followed by...

CVE-2017-20226 Mapscrn 2.0.3 Stack-Based Buffer Overflow

Mapscrn 2.0.3 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized input buffer. Attackers can craft a malicious buffer with junk data, return address, NOP instructions, and shellcode to overflow the stack and achieve...

CVE-2016-20037 xwpe 1.5.30a-2.1 Stack-based Buffer Overflow

xwpe 1.5.30a-2.1 and prior contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying overly long input strings that exceed buffer boundaries. Attackers can craft malicious command-line arguments with 262 bytes of junk data followed by...

PT-2026-27360

River Past Cam Do 3.7.6 contains a local buffer overflow vulnerability in the activation code input field that allows local attackers to execute arbitrary code by supplying a malicious activation code string. Attackers can craft a buffer containing 608 bytes of junk data followed by shellcode and...

CVE-2026-3419

Fastify incorrectly accepts malformed Content-Type headers containing trailing characters after the subtype token, in violation of RFC 9110 §8.3.1https://httpwg.org/specs/rfc9110.htmlfield.content-type. For example, a request sent with Content-Type: application/json garbage passes validation and ...

python: Fix of 2 CVEs

CVE-2018-1060: fix catastrophic backtracking in APOP method, prevent denial of service, add input validation and enforce backtracking limits - CVE-2018-1061: fix catastrophic backtracking in the difflib.ISLINEJUNK method...

CLSA-2026-1771926895 python: Fix of 2 CVEs

CVE-2018-1060: fix catastrophic backtracking in APOP method, prevent denial of service, add input validation and enforce backtracking limits - CVE-2018-1061: fix catastrophic backtracking in the difflib.ISLINEJUNK method...

CLSA-2026-1771927168 python: Fix of 2 CVEs

CVE-2018-1060: fix catastrophic backtracking in APOP method, prevent denial of service, add input validation and enforce backtracking limits - CVE-2018-1061: fix catastrophic backtracking in the difflib.ISLINEJUNK method...

Trend Micro Cleaner One Pro Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Cleaner One Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Junk...

Adaptive Detection of Polymorphic Malware: Leveraging Mutation Engines and YARA Rules for Enhanced Security

Polymorphic malware continually alters its structure to evade signature-based defences, challenging both commercial antivirus AV and enterprise detection systems. This study introduces a reproducible framework for analysing eight polymorphic behaviours-junk code insertion, control-flow obfuscatio...

MAL-2025-186024 Malicious code in castor-magellan-halley-equinox (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f91c2d58b576b6b398598b006ff7330ccf27b074f3ba12ea2377ed20fee56b1f This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in kiki-jengkol58-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c4b80029862c34b077dcc5f7e185d97dfb07be45a08f29d592bafe4379596521 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-102719 Malicious code in financial_gorilla_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 239fd78574352eaf0d74acf14dc95236ccc77bea2490f4091e9af4f210db6922 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in junk-test-foobar (npm)

The package junk-test-foobar was found to contain malicious code...