EUVD-2025-84782

Malicious code in maximumwhitefishz3n npm...

EUVD-2025-53317

Malicious code in maximum-white-porcupine npm...

Malicious code in maximum-white-porcupine (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d8c02c7ac59b593ead2e56fea626acd3c9abdbb47164b3a702aeb4d7ee9fa9d1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-58384

Malicious code in maximumstoatz3n npm...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the WriteRelationships function when the exclusion operator is used in the authorization schema and the server is configured with --write-relationships-max-updates-per-call greater...

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the WriteRelationships function when the exclusion operator is used in the authorization schema and the server is configured with --write-relationships-max-updates-per-call greater...

MAL-2025-60828 Malicious code in maximum_condor_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 629353b5697bc99c7af630ea540b8037a900c65597e41e3a014a1a841746ec1c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in maximum_condor_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 629353b5697bc99c7af630ea540b8037a900c65597e41e3a014a1a841746ec1c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-46411

Malicious code in maximumprimatez3n npm...

CVE-2025-63457

Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the sub4F55C function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990577)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990577 advisory. In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fix transfer-buffer overflows The driver uses endpoint-sized USB transfer buffer...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989025)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989025 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: Fix a data-race around sysctltcpmtuprobefloor. While reading sysctltcpmtuprobefloor, it can ...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990287)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990287 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is = U32MAX - 3 then the length + 4...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989861)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989861 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is = U32MAX - 3 then the length + 4...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990166)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990166 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: wext: add extra SIOCSIWSCAN data check In 'cfg80211wextsiwscan', add extra check...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990353)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990353 advisory. In the Linux kernel, the following vulnerability has been resolved: leds: class: Protect brightnessshow with ledcdev-ledaccess mutex There is NULL pointer issue...

kernel: eventpoll: Fix semi-unbounded recursion

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: bridge: Fixed a soft lockup issue in brmulticastqueryexpired. When setting multicastqueryinterval to a large value, the local variable time in brmulticastsendquery may overflow. If the time is less than a few milliseconds, t...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: eventpoll: Fixed semi-unbounded recursion. Ensured that epoll instances never form a graph with more than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is free of loops and performs some recursion depth...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: LoongArch: Optimized module load time by optimizing PLT/GOT counting. When CONFIGKASAN, CONFIGPREEMPTVOLUNTARYBUILD, and CONFIGPREEMPTVOLUNTARY are enabled simultaneously, a soft deadlock may occur. The relevant logs are as...