330 matches found
PT-2026-39659
Zen is a firefox-based browser. Prior to 1.19.9b, Zen Browser ships a Mozilla Application Resource MAR updater org.mozilla.updater that has had all MAR signature verification stripped from the Firefox codebase it was forked from. The MAR files served to users contain zero cryptographic signatures...
CVE-2026-21023
Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installation restriction of specific application...
CVE-2026-28364
In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization runtime/intern.c enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock function, which performs unbounded memcpy operation...
CVE-2025-15555 Open5GS VoLTE Cx-Test hss-cx-path.c hss_ogs_diam_cx_mar_cb stack-based overflow
A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function hssogsdiamcxmarcb of the file src/hss/hss-cx-path.c of the component VoLTE Cx-Test. The manipulation of the argument OGSKEYLEN results in stack-based buffer overflow. The attack may be...
Mozilla Firefox ESR < 60.2
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 60.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-21 advisory. - A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by...
Malicious code in nuyar-mar-afad (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dbb265f7dde2b192e246d6023e4c6c8fec9cec781ecc92eb74957039582f95b6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in nuyar-mar-aifo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3823c5f7c1e6f9d8b6c98da2115dd033dd0a0f8e80263d69b67f8939e873b2a7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in nuyar-mar-aif (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5ab6ffa2bcaebe34ba11381ba48619f1c9b452408316f3deaef4893482302d27 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-139067
Malicious code in nuyar-mar-afa npm...
EUVD-2025-139060
Malicious code in nuyar-mar-aifo npm...
EUVD-2025-139066
Malicious code in nuyar-mar-afad npm...
EUVD-2025-139068
Malicious code in nuyar-mar-af npm...
EUVD-2025-139058
Malicious code in nuyar-mar-aiforx npm...
EUVD-2025-139057
Malicious code in nuyar-mar-aiforxa npm...
EUVD-2025-139059
Malicious code in nuyar-mar-aifor npm...
EUVD-2025-139064
Malicious code in nuyar-mar-afadaff npm...
Malicious code in nuyar-mar-aiforx (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a00cad89bca29ca05edad38de0d804751f827d6d04c6e3b19e98058f9b1691ea This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-139062
Malicious code in nuyar-mar-afadf npm...
EUVD-2025-139063
Malicious code in nuyar-mar-afadaffn npm...
EUVD-2025-139061
Malicious code in nuyar-mar-aif npm...