Lucene search

12 matches found

OSV
added 2025/04/30 4:30 p.m., 0 views

MAL-2025-191752 Malicious code in helmet-fastapi (PyPI)

Source: kam193 (c1f805932ecbcd95197e98c6e2336eb773252abf5615fe135076d1848cb90395). Package contains hidden code adding a backdoor - a WebSocket path handler which will execute commands sent by an attacker knowing the path. In addition, it add...

AI score: 7.3
Exploits: 0, References: 1

SUSE Linux
added 2025/04/17 1:38 a.m., 1 view

Security update for cosign

This update for cosign fixes the following issues: CVE-2024-6104: cosign: hashicorp/go-retryablehttp: Fixed sensitive information disclosure to log file (bsc#1227031). CVE-2024-51744: cosign: github.com/golang-jwt/jwt/v4: Fixed bad documentation of error handling in ParseWithClaims leading to...

CVSS: 8.7, AI score: 7.3, EPSS: 0.00591
Exploits: 2, References: 26

BDU FSTEC
added 2025/03/17 12:0 a.m., 2 views

The vulnerability of the FortiWeb web applications’ network interface filter component allows attackers to execute arbitrary commands.

The vulnerability of the log removal filter component in FortiWeb web applications is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary commands...

CVSS: 4, AI score: 6, EPSS: 0.00108
Exploits: 0, References: 3, Affected Software: 1

NVD
added 2025/02/26 7:0 a.m., 11 views

CVE-2022-49125

In the Linux kernel, the following vulnerability has been resolved: drm/sprd: fix potential NULL dereference 'drm' could be null in sprd_drm_shutdown, and drm_warn maybe dereference it, remove this warning log. v1 - v2: - Split checking platform_get_resource return value to a separate patch - Use...

CVSS: 5.5, EPSS: 0.00008
Exploits: 0, References: 2

Debian CVE
added 2025/02/26 1:55 a.m., 9 views

CVE-2022-49125

In the Linux kernel, the following vulnerability has been resolved: drm/sprd: fix potential NULL dereference 'drm' could be null in sprd_drm_shutdown, and drm_warn maybe dereference it, remove this warning log. v1 - v2: - Split checking platform_get_resource return value to a separate patch - Use...

CVSS: 5.5, AI score: 5.5, EPSS: 0.00008
Exploits: 0

SUSE CVE
added 2025/02/14 5:37 a.m., 3 views

SUSE CVE-2024-9026

In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, when using PHP-FPM SAPI and it is configured to catch workers output through catch_workers_output = yes, it may be possible to pollute the final log or remove up to 4 characters from the log messages by manipulating log...

CVSS: 3.3, AI score: 6.5, EPSS: 0.00667
Exploits: 1, References: 13

IBM Security Bulletins
added 2019/07/23 5:55 p.m., 19 views

Security Bulletin: IBM Cloud Private installer log contains sensitive information (CVE-2019-4116)

Summary: IBM Cloud Private installer log contains sensitive information. Vulnerability Details: CVEID: CVE-2019-4116 DESCRIPTION: IBM Cloud Private could disclose highly sensitive information in installer logs that could be used for further attacks against the system. CVSS Base Score: 5.5 CVSS Tempor...

CVSS: 5.5, AI score: 1, EPSS: 0.00054
Exploits: 0, Affected Software: 1

OSV
added 2019/01/11 4:6 p.m., 6 views

SUSE-SU-2019:0081-1 Security update for sssd

This update for sssd provides the following fixes: This security issue was fixed: - CVE-2018-10852: Set stricter permissions on /var/lib/sss/pipes/sudo to prevent the disclosure of sudo rules for arbitrary users (bsc#1098377) These non-security issues were fixed: - Fix a segmentation fault in ssscac...

CVSS: 7.5, AI score: 7.4, EPSS: 0.00273
Exploits: 0, References: 9

Packet Storm
added 2018/12/04 12:0 a.m., 69 views

PHP Server Monitor 3.3.1 Cross Site Request Forgery

Exploit Title: PHP Server Monitor 3.3.1 - Cross-Site Request Forgery Exploit Author: Javier Olmedo Website: https://www.sidertia.com Date: 2018-11-28 Google Dork: N/A Vendor: https://www.phpservermonitor.org/ Software Link: https://github.com/phpservermon/phpservermon/releases/tag/v3.3.1 Affected...

AI score: 7.4
Exploits: 0

exploitpack
added 2018/12/03 12:0 a.m., 13 views

PHP Server Monitor 3.3.1 - Cross-Site Request Forgery

PHP Server Monitor 3.3.1 - Cross-Site Request Forgery Exploit Title: PHP Server Monitor 3.3.1 - Cross-Site Request Forgery Exploit Author: Javier Olmedo Website: https://www.sidertia.com Date: 2018-11-28 Google Dork: N/A Vendor: https://www.phpservermonitor.org/ Software Link:...

Exploits: 0

Fedora
added 2011/04/11 8:59 p.m., 18 views

[SECURITY] Fedora 14 Update: logrotate-3.7.9-2.fc14

The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files. Logrotate allows for the automatic rotation, compression, removal and mailing of log files. Logrotate can be set to handle a log file daily, weekly, monthly or when the log...

CVSS: 6.9, AI score: 1.3, EPSS: 0.00098
Exploits: 1

Fedora
added 2011/03/29 4:0 a.m., 36 views

[SECURITY] Fedora 15 Update: logrotate-3.7.9-8.fc15

The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files. Logrotate allows for the automatic rotation, compression, removal and mailing of log files. Logrotate can be set to handle a log file daily, weekly, monthly or when the log...

CVSS: 6.9, AI score: 1.3, EPSS: 0.00098
Exploits: 1