Improper Verification of Cryptographic Signature

Overview Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the VerifyDelegate function. An attacker in control of a compromised TUF repository can bypass signature validation and modify metadata files by setting the signature threshold to 0...

Malicious code in cindy-lumpur90-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 87072a5423dcd6e2952cdc568fea3e3f92a54bb4b5e68c2730653129b0a38774 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious Package

Overview @pumpswap-sdk4/metadata is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...

Malicious code in @pumpswap-sdk4/metadata (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 00e7cebe75e2b9e547a927e980ce03c494aa875762beaba4541eb71ef7222566 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

EUVD-2005-0192

Malware in sbrugna...

SUSE SLES12 Security Update : regionServiceClientConfigAzure (SUSE-SU-2025:03169-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:03169-1 advisory. This update for regionServiceClientConfigAzure contains the following fixes: - Update to version 3.0.0. bsc1246995 - SLE 16 python-requests...

SUSE-SU-2025:03171-1 Security update for regionServiceClientConfigGCE

This update for regionServiceClientConfigGCE contains the following fixes: - Update to version 5.0.0. bsc1246995 + SLE 16 python-requests requires SSL v3 certificates. Update 2 region server certs to support SLE 16 when it gets released. - Update conditional to handle name change of metadata...

Security update for regionServiceClientConfigAzure

This update for regionServiceClientConfigAzure contains the following fixes: Update to version 3.0.0. bsc1246995 SLE 16 python-requests requires SSL v3 certificates. Update 2 region server certs to support SLE 16 when it gets released. Update dependency name for metadata package, name change in S...

SUSE-SU-2025:03169-1 Security update for regionServiceClientConfigAzure

This update for regionServiceClientConfigAzure contains the following fixes: - Update to version 3.0.0. bsc1246995 + SLE 16 python-requests requires SSL v3 certificates. Update 2 region server certs to support SLE 16 when it gets released. - Update dependency name for metadata package, name chang...

SUSE SLES15 / openSUSE 15 Security Update : regionServiceClientConfigAzure (SUSE-SU-2025:03117-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:03117-1 advisory. This update for regionServiceClientConfigAzure contains the following fixes: - Update to version 3.0.0.bsc1246995 - SLE 16...

Security update for regionServiceClientConfigGCE

This update for regionServiceClientConfigGCE contains the following fixes: Update to version 5.0.0 bsc1246995 SLE 16 python-requests requires SSL v3 certificates. Update 2 region server certs to support SLE 16 when it gets released. Update conditional to handle name change of metadata package in...

SUSE-SU-2025:03119-1 Security update for regionServiceClientConfigGCE

This update for regionServiceClientConfigGCE contains the following fixes: - Update to version 5.0.0 bsc1246995 + SLE 16 python-requests requires SSL v3 certificates. Update 2 region server certs to support SLE 16 when it gets released. - Update conditional to handle name change of metadata packa...

Security update for regionServiceClientConfigAzure

This update for regionServiceClientConfigAzure contains the following fixes: Update to version 3.0.0.bsc1246995 SLE 16 python-requests requires SSL v3 certificates. Update 2 region server certs to support SLE 16 when it gets released. Update dependency name for metadata package, name change in SL...

SUSE-SU-2025:03117-1 Security update for regionServiceClientConfigAzure

This update for regionServiceClientConfigAzure contains the following fixes: - Update to version 3.0.0.bsc1246995 + SLE 16 python-requests requires SSL v3 certificates. Update 2 region server certs to support SLE 16 when it gets released. - Update dependency name for metadata package, name change...

MAL-2025-41451 Malicious code in @metadata-ipfs/validate-hash (npm)

--- -= Per source details. Do not edit below this line.=-...

Linux Distros Unpatched Vulnerability : CVE-2021-23792

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package com.twelvemonkeys.imageio:imageio-metadata before 3.7.1 are vulnerable to XML External Entity XXE Injection due to an insecurely initialized XML...

Malicious code in ttf-metadata (npm)

--- -= Per source details. Do not edit below this line.=- Source: checkmarx a8165c5b54908b5702e7a9b3b1fb7ac5d71d1ba10ea6e426237f526c4dfe1a91 Lazarus Group targeting blockchain and cryptocurrency companies by exploiting software supply chains through malicious npm packages and social engineering...

RealPlayer v11.0 (.rmp) Buffer Overflow

Exploit for windows platform in category local exploits !/usr/bin/perl Title : RealPlayer v11.0 .rmp Buffer Overflow Author : KedAns-Dz E-mail : email protected Home : HMD/AM 30008/04300 - Algeria -00213555248701 Twitter page : twitter.com/kedans platform : Windows Impact : Buffer Overflow Tested...