2874 matches found
MAL-2024-11326 Malicious code in ccs-react-lib (npm)
Source: ghsa-malware a19b5e1d7248b1e5a66bcf5c2ae1bae25a94e6948728331d29c1a363881e05b5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in yelp-lib (npm)
Source: ossf-package-analysis f281d7fb655f7083b4004d10fb257b419c7aeaf1ea0b79636721d4724aec51d9 The OpenSSF Package Analysis project identified 'yelp-lib' @ 17.1.2 npm as malicious. It is considered malicious because: - The package...
MAL-2024-11242 Malicious code in yelp-lib (npm)
Source: ossf-package-analysis f281d7fb655f7083b4004d10fb257b419c7aeaf1ea0b79636721d4724aec51d9 The OpenSSF Package Analysis project identified 'yelp-lib' @ 17.1.2 npm as malicious. It is considered malicious because: - The package...
WordPress plugin Library Management System SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A SQL injection vulnerability exists in the...
Malicious code in private-lib-bug-bounty (npm)
Source: ossf-package-analysis ef8c8e73b8b4d3414d06cadfd08f308a41276fe31204d26bc85d1eb566c4923c The OpenSSF Package Analysis project identified 'private-lib-bug-bounty' @ 1.0.0 npm as malicious. It is considered malicious because: - The...
Malicious code in spinal-lib-organ-monitoring (npm)
Source: ghsa-malware 863fb7f679e57aab2356e5867fe4d9dd25e11f1c8ef2744b2e337bb0384d8696 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11176 Malicious code in spinal-lib-organ-monitoring (npm)
Source: ghsa-malware 863fb7f679e57aab2356e5867fe4d9dd25e11f1c8ef2744b2e337bb0384d8696 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
FreeBSD : jenkins -- Denial of service vulnerability in bundled json-lib (c5dafd73-adfd-11ef-af27-00e081b7aa2d)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c5dafd73-adfd-11ef-af27-00e081b7aa2d advisory. Jenkins Security Advisory: Denial of service vulnerability in bundled json-lib Tenable has extracted th...
Malicious code in uatu-lib (npm)
Source: ghsa-malware 566dd0cc559f9c7c91efac981b10e952a96fd6064ce67a4281509a3a5d040ca0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11113 Malicious code in uatu-lib (npm)
Source: ghsa-malware 566dd0cc559f9c7c91efac981b10e952a96fd6064ce67a4281509a3a5d040ca0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in react-common-lib (npm)
Source: ghsa-malware f725d89d41b69b32bcff68f5c43863001fe8a47bf052f1efac3808dbd56f85f9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-11071 Malicious code in react-common-lib (npm)
Source: ghsa-malware f725d89d41b69b32bcff68f5c43863001fe8a47bf052f1efac3808dbd56f85f9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Jenkins plugins Multiple Vulnerabilities (2024-11-27)
According to their self-reported version numbers, the version of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - util/JSONTokener.java in JSON-lib before 3.1.0 mishandles an unbalanced comment string. CVE-2024-47855 - Jenkins Simple Queue Plugin 1.4.4...
jenkins -- Denial of service vulnerability in bundled json-lib
Jenkins Security Advisory: Description High SECURITY-3463 / CVE-2024-47855 Denial of service vulnerability in bundled json-lib...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2923)
The remote host is missing an update for the Huawei EulerOS...
Malicious code in lito-core-lib (npm)
Source: ghsa-malware a6cf4549a9eb56f566a4f9b2f25568406b0ba7ed7d72c19ef13a615c6c0cdffa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-10937 Malicious code in lito-core-lib (npm)
Source: ghsa-malware a6cf4549a9eb56f566a4f9b2f25568406b0ba7ed7d72c19ef13a615c6c0cdffa Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
LibJXL Security Vulnerability
LibJXL is a reference implementation of the JPEG XL encoder and decoder from the open-source LibJXL project. A security vulnerability exists in LibJXL, which stems from a specially crafted file that can cause the JPEG XL decoder to consume a large amount of stack space, potentially exhausting stack resources...
CVE-2024-50205
In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() The step variable is initialized to zero. It is changed in the loop, but if it's not changed it will remain zero. Add a variable check before the division. The...
The vulnerability of the lib/Kconfig.debug components of the Linux operating system’s kernel allows attackers to gain elevated privileges within the system.
The vulnerability of the lib/Kconfig.debug components in the Linux operating system kernel is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain elevated privileges within the system...