ROS-20260112-7314

A vulnerability in the dmirrordeviceevictchunk function of the lib/testhmm.c module of the Linux kernel is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2022-35085

SWFTools commit 772e55a2 was discovered to contain a memory leak via /lib/mem.c...

CVE-2020-12118

The keygen protocol implementation in Binance tss-lib before 1.2.0 allows attackers to generate crafted h1 and h2 parameters in order to compromise a signing round or obtain sensitive information from other parties...

CVE-2024-41375

ICEcoder 8.1 is vulnerable to Cross Site Scripting XSS via lib/terminal-xhr.php...

CVE-2023-50252

php-svg-lib is an SVG file parsing / rendering library. Prior to version 0.5.1, when handling tag that references an tag, it merges the attributes from the tag to the tag. The problem pops up especially when the href attribute from the tag has not been sanitized. This can lead to an unsafe file...

Malicious code in cng-web-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 018fca29734b6580902f0808df01db408d09cb6704720e6cac215827f5812f75 The package cng-web-lib was found to contain malicious code. Source: ghsa-malware ea72356f6a1b185aea027fcf291bdb55d1a3f4e6ae715b68e42c5e33834a28d9 An...

EUVD-2026-1837

Malicious code in cng-web-lib npm...

Malicious Package

Overview cng-web-lib is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

MAL-2026-176 Malicious code in mixpanel-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2b11bdefc18a5b590716cefe2036f1f759ccb42fd3c22c420ac524a479ff9f01 The package mixpanel-lib was found to contain malicious code. Source: ghsa-malware 03fe07795e21df3debb6abf06b5b47f19ddd7996e5be6b06d8dd07fa37e7cd2f A...

EUVD-2026-1840

Malicious code in secguest-lib npm...

Malicious Package

Overview secguest-lib is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

org.webjars.npm:bitcore-lib (=0.15.0), org.webjars.npm:bitcore-mnemonic (=1.5.0) +6 more potentially affected by CVE-2025-14505 via org.webjars.npm:elliptic (>=6.4.0 <=6.6.1)

org.webjars.npm:elliptic MAVEN version =6.4.0, =4.0.0, =3.2.0, =4.0.2 Source cves: CVE-2025-14505 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-14908845...

CVE-2024-14020

A weakness has been identified in carboneio carbone up to fbcd349077ad0e8748be73eab2a82ea92b6f8a7e. This impacts an unknown function of the file lib/input.js of the component Formatter Handler. Executing a manipulation can lead to improperly controlled modification of object prototype attributes...

CVE-2022-27271

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution RCE vulnerability via the component python-lib. This vulnerability is triggered via a crafted packet...

PT-2026-1548

Name of the Vulnerable Software and Affected Versions carboneio carbone versions prior to 3.5.6 Description A weakness exists in carboneio carbone up to version fbcd349077ad0e8748be73eab2a82ea92b6f8a7e. The issue resides in the Formatter Handler component, specifically within the file lib/input.j...

[SECURITY] Fedora 42 Update: nginx-mod-modsecurity-1.0.4-5.fc42

The ModSecurity-nginx connector is the connection point between nginx and libmodsecurity ModSecurity v3. Said another way, this project provides a communication channel between nginx and libmodsecurity. This connector is required to use LibModSecurity with nginx. The ModSecurity-nginx connector...

[SECURITY] Fedora 43 Update: nginx-mod-modsecurity-1.0.4-5.fc43

The ModSecurity-nginx connector is the connection point between nginx and libmodsecurity ModSecurity v3. Said another way, this project provides a communication channel between nginx and libmodsecurity. This connector is required to use LibModSecurity with nginx. The ModSecurity-nginx connector...

PT-2026-23085

Name of the Vulnerable Software and Affected Versions libsoup versions 2.4.1-2.74.3 through 2.4.1-2.74.3-17.1 libsoup versions 3.0.0-3.6.6 through 3.0.0-3.6.6-1.1 Description The libsoup library contains flaws related to HTTP/1 request smuggling. Specifically, the soup headers parse function...

Malicious code in secguest-react-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b76ab99d9a667e9700bb0176dde546ff3748b742775ea322766035a730391891 The package secguest-react-lib was found to contain malicious code. Source: ghsa-malware...

Malicious code in secguest-lib (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae83c0c9ae4ffab006e7b6d1833b54dfb5386dedf3e94dedf500b3af1dc82d1c The package secguest-lib was found to contain malicious code. Source: ghsa-malware 62ef36b4b0912fdc42b94702acf5c8e48b06cb2d3370113c3c875479aacd5e9f A...