Malicious code in js3030-main (npm)
The package js3030-main was found to contain malicious code...
DEBIAN-CVE-2025-8961
A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited...
ALPINE-CVE-2025-8961
A weakness has been identified in LibTIFF 4.7.0. This affects the function main of the file tiffcrop.c of the component tiffcrop. Executing manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been made available to the public and could be exploited...
CVE-2025-8929 code-projects Medical Store Management System MainPanel.java sql injection
A vulnerability has been found in code-projects Medical Store Management System 1.0. This vulnerability affects unknown code of the file MainPanel.java. The manipulation of the argument searchTxt leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...
Malicious code in electron-test-main (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 64731d49ad099a9f118a9485fb5568a4f594576ed888e0bb96f7f278853ec158 The OpenSSF Package Analysis project identified 'electron-test-main' ...
MAL-2025-6924 Malicious code in electron-test-main (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 64731d49ad099a9f118a9485fb5568a4f594576ed888e0bb96f7f278853ec158 The OpenSSF Package Analysis project identified 'electron-test-main' ...
The vulnerability in the drivers/net/ethernet/intel/ice/ice_main.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the drivers/net/ethernet/intel/ice/ice_main.c module of the Linux operating system is related to state management errors. Exploiting this vulnerability can allow an attacker to cause a service failure...
Linux Distros Unpatched Vulnerability : CVE-2023-35827
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel through 6.3.8. A use-after-free was found in ravb_remove in drivers/net/ethernet/renesas/ravb_main.c. CVE-2023-35827...
Linux Distros Unpatched Vulnerability : CVE-2024-42262
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix potential memory leak in the performance extension If fetching of userspace...
NanoVault Security Vulnerability
NanoVault is an open source wallet software using Nano cryptocurrency by Andrew Steele, an individual developer. A security vulnerability exists in NanoVault 1.2.1 and earlier versions, which stems from a cross-site scripting vulnerability in the function executeJavaScript in file/main.js...
org.apache.jspwiki.it:jspwiki-selenide-tests (>=2.11.0 <=2.12.2), org.apache.jspwiki:jspwiki-210-adapters (>=2.11.0 <=2.12.2) +5 more potentially affected by CVE-2025-24853 via org.apache.jspwiki:jspwiki-main (>=2.11.0 <=2.12.2)
org.apache.jspwiki:jspwiki-main MAVEN version =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.12.2 Source cves: CVE-2025-24853 Source advisory: OSV:GHSA-RRFF-CHJ9-W4C7...
org.apache.jspwiki.it:jspwiki-selenide-tests (>=2.11.0 <=2.12.2), org.apache.jspwiki:jspwiki-210-adapters (>=2.11.0 <=2.12.2) +5 more potentially affected by CVE-2025-24854 via org.apache.jspwiki:jspwiki-main (>=2.11.0 <=2.12.2)
org.apache.jspwiki:jspwiki-main MAVEN version =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.12.2 Source cves: CVE-2025-24854 Source advisory: OSV:GHSA-72WW-4RCW-MC62...
org.apache.jspwiki.it:jspwiki-selenide-tests (>=2.11.0 <=2.12.2), org.apache.jspwiki:jspwiki-210-adapters (>=2.11.0 <=2.12.2) +5 more potentially affected by CVE-2025-24854 via org.apache.jspwiki:jspwiki-main (>=2.11.0 <=2.12.2)
org.apache.jspwiki:jspwiki-main MAVEN version =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.12.2 Source cves: CVE-2025-24854 Source advisory: SNYK:JAVA-ORGAPACHEJSPWIKI-11357915...
NewStart CGSL MAIN 7.02 : OpenEXR Multiple Vulnerabilities (NS-SA-2025-0107)
The remote NewStart CGSL host, running version MAIN 7.02, has OpenEXR packages installed that are affected by multiple vulnerabilities: - Due to a failure in validating the number of scanline samples of a OpenEXR file containing deep scanline data, Academy Software Foundation OpenEX image parsing...
NewStart CGSL MAIN 7.02 : libsoup Vulnerability (NS-SA-2025-0122)
The remote NewStart CGSL host, running version MAIN 7.02, has libsoup packages installed that are affected by a vulnerability: - GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reac...
NewStart CGSL MAIN 7.02 : less Vulnerability (NS-SA-2025-0106)
The remote NewStart CGSL host, running version MAIN 7.02, has less packages installed that are affected by a vulnerability: - less through 653 allows OS command execution via a newline character in the name of a file, because quoting is mishandled in filename.c. Exploitation typically requires us...
NewStart CGSL MAIN 7.02 : cryptopp Multiple Vulnerabilities (NS-SA-2025-0115)
The remote NewStart CGSL host, running version MAIN 7.02, has cryptopp packages installed that are affected by multiple vulnerabilities: - ModularSquareRoot in Crypto++ aka cryptopp through 8.9.0 allows attackers to cause a denial of service infinite loop via crafted DER public-key data associate...
NewStart CGSL MAIN 7.02 : python-setuptools Vulnerability (NS-SA-2025-0181)
The remote NewStart CGSL host, running version MAIN 7.02, has python-setuptools packages installed that are affected by a vulnerability: - A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These...
NewStart CGSL MAIN 7.02 : python-requests Vulnerability (NS-SA-2025-0107)
The remote NewStart CGSL host, running version MAIN 7.02, has python-requests packages installed that are affected by a vulnerability: - Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests Session, if the first request is made with verify=False to disable cert...
NewStart CGSL MAIN 7.02 : squashfs-tools Multiple Vulnerabilities (NS-SA-2025-0192)
The remote NewStart CGSL host, running version MAIN 7.02, has squashfs-tools packages installed that are affected by multiple vulnerabilities: - squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem...