MAL-2026-4719 Malicious code in weavedb-exm-sdk-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3992f423f88c69e8c00223cc0ef81f970b8e178f1854beb00ef443586302ad89 package.json declares "preinstall": "./bin/install-deps", which runs a 976KB UPX-packed Linux x86 ELF binary on every npm install. The package...

Malicious code in weavedb-base (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 886f22636b5e4726978e23b10a4311fb7e65c2b10003da72429348fa617884d1 package.json declares "preinstall": "./vendor/setup", which runs a 976KB packed Linux x86 ELF binary sha256...

MAL-2026-4652 Malicious code in python-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b94c01fae325c5f5e92abd5da03527c54e22bb48202b1dc8b3e2c64947753b2 package.json declares "preinstall": "./dist/typecheck.js". The referenced file is not JavaScript — it is a 5,224,556-byte Linux x86 ELF executable...

VulnCheck KEV: CVE-2025-8868

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...

EUVD-2025-31570

Malicious code in bioql PyPI...

CVE-2025-8868

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...

CVE-2025-6724

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in multiple services via improperly neutralized inputs used in an SQL command...

CVE-2025-8868 Chef Automate compliance service SQL Injection Vulnerability

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...

CVE-2025-6724 Chef Automate SQL Injection Vulnerability

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in multiple services via improperly neutralized inputs used in an SQL command...

Linux Distros Unpatched Vulnerability : CVE-2021-2443

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.24. Easily...

CVE-2022-49549 x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails

In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Fix memory leak when thresholdcreatebank fails In mcethresholdcreatedevice, if thresholdcreatebank fails, the previously allocated threshold banks array @bp will be leaked because the call to mcethresholdremovedevice...

USN-7155-1: Linux kernel (NVIDIA) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; -...

Suspected Russian Data-Wiping 'AcidPour' Malware Targeting Linux x86 Devices

A new variant of a data wiping malware called AcidRain has been detected in the wild that's specifically designed for targeting Linux x86 devices. The malware, dubbed AcidPour, is compiled for Linux x86 devices, SentinelOne's Juan Andres Guerrero-Saade said in a series of posts on X. "The new...

com.diffplug.durian:durian-swt (>=3.0.0 <=5.2.0), com.diffplug.durian:durian-swt.cocoa.macosx.aarch64 (>=3.6.1 <=5.2.0) +179 more potentially affected by CVE-2023-4218 via org.eclipse.platform:org.eclipse.jface (>=3.12.2 <=3.30.0)

org.eclipse.platform:org.eclipse.jface MAVEN version =3.12.2, =3.0.0, =3.6.1, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =1.0.31, =1.0.0, =1.0.0, =0.1.0, =1.0.1 and more Source cves: CVE-2023-4218 Source advisory: OSV:GHSA-J24H-XCPC-9JW8...

Heap-based Buffer Overflow

Description heap-buffer-overflow p/bf/plugin.c:176 in decode Environment radare2 5.8.9 31000 @ linux-x86-64 commit: 95b648f0907e91e10d55fc48147a7dae99029c5b Build export CC=gcc CXX=g++ CFLAGS="-fsanitize=address -static-libasan" CXXFLAGS="-fsanitize=address -static-libasan"...

Linux/x86 - Polymorphic linux x86 Shellcode (92 Bytes)

Exploit Title: Polymorphic linux x86 nc -lvve/bin/sh -p13377 shellcode 92 Bytes Exploit Author: Eduardo Silva Tested on: Linux x8664 SMP Debian 4.19.260-1 SLAE/Student ID: PA-31319 Webpage: https://0xnibbles.github.io/ Description: This shellcode is a polymorphic version of...

Monomorph - MD5-Monomorphic Shellcode Packer - All Payloads Have The Same MD5 Hash

════════════════════════════════════╦═══ ╔═╦═╗ ╔═╗ ╔═╗ ╔═╗ ╔═╦═╗ ╔═╗ ╔══╔═╗ ╠═╗ ═╩ ╩ ╩═╚═╝═╩ ╩═╚═╝═╩ ╩ ╩═╚═╝═╩ ╠═╝═╩ ╩═ ════════════════════════════════╩═══════ By Retr0id ═══ MD5-Monomorphic Shellcode Packer ═ ══ USAGE: python3 monomorph.py inputfile outputfile payloadfile What does it do? It...

Heap-based Buffer Overflow

Description Heap-based Buffer Overflow in msp430op Environment radare2 5.6.9 0 @ linux-x86-64 git. commit: 5.6.9 build: 2022-05-0112:17:49 Build export CC=gcc CXX=g++ CFLAGS="-fsanitize=address -static-libasan" CXXFLAGS="-fsanitize=address -static-libasan" LDFLAGS="-fsanitize=address...

Heap-based Buffer Overflow

Description Heap-based Buffer Overflow in rreadle32 Environment radare2 5.6.7 0 @ linux-x86-64 git. commit: 5.6.7 build: 2022-04-1215:06:26 Build export CC=gcc CXX=g++ CFLAGS="-fsanitize=address -static-libasan" CXXFLAGS="-fsanitize=address -static-libasan" LDFLAGS="-fsanitize=address...

Linux/x86 - Egghunter Reverse TCP Shell dynamic IP and port Shellcode

Exploit Title: Linux/x86 - Linux/x86 - Egghunter Reverse TCP Shell dynamic IP and port Shellcode Exploit Author: d7x Tested on: Ubuntu x86 / Linux/x86 - Egghunter Reverse TCP Shell Shellcode Generator with dynamic IP and port Shellcode Author: d7x https://d7x.promiselabs.net/...