CVE-2026-23413

In the Linux kernel, the following vulnerability has been resolved: clsact: Fix use-after-free in init/destroy rollback asymmetry Fix a use-after-free in the clsact qdisc upon init/destroy rollback asymmetry. The latter is achieved by first fully initializing a clsact instance, and then in a seco...

@certd/commercial-core (>=1.25.9 <=1.40.5), @certd/lib-server (>=1.36.25 <=1.40.5) +32 more potentially affected by CVE-2025-62595 via koa (=2.16.2)

koa NPM version =2.16.2 is affected by a known vulnerability. The following packages have a transitive dependency on koa and may be impacted: - @certd/commercial-core =1.25.9, =1.36.25, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =0.19.3, =3.20.11,...

Malicious code in midway-dataproxy (npm)

The package midway-dataproxy was found to contain malicious code...

MAL-2025-26312 Malicious code in midway-xtpl (npm)

The package midway-xtpl was found to contain malicious code...

MAL-2025-26311 Malicious code in midway-logger (npm)

The package midway-logger was found to contain malicious code...

Malicious code in midway-cache (npm)

The package midway-cache was found to contain malicious code...

Malicious code in midway-xtpl (npm)

The package midway-xtpl was found to contain malicious code...

MAL-2025-26310 Malicious code in midway-dataproxy (npm)

The package midway-dataproxy was found to contain malicious code...

MAL-2025-26309 Malicious code in midway-cache (npm)

The package midway-cache was found to contain malicious code...

Malicious code in midway-logger (npm)

The package midway-logger was found to contain malicious code...

SUSE CVE-2020-15863

hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2020 has a buffer overflow. This occurs during packet transmission and affects the highbank and midway emulated machines. A guest user or process could use this flaw to crash the QEMU process on the host, resulting in a denial o...

Malicious code in purple_team_midway_cenario_1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e78d943ca5c3b25d23aef36ac8b32d6df51c114bcae3b18f06ec806927f3bab0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in purple_team_midway (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 48e1d2b1fbe20521d638df7232e8617a51354104986647c485570374818b08c7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in purple_team_midway_3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e40f181749a8f708b27116a5ebf463e016a429d79b88a02dce3c38bbdeb65f38 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in purple_team_midway_2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f1090576e788b78404457c1ebcc9bdc3ad31cd07bafd6331cda384ea540e1ef8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

coloradosmidway.com Cross Site Scripting vulnerability OBB-1423551

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

Malicious Package in midway-dataproxy

All versions of midway-dataproxy contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that...

GHSA-W65V-HX54-XRQX Malicious Package in midway-xtpl

All versions of midway-xtpl contain malicious code. The package uploads system information to a remote server, downloads a file and executes it. Recommendation Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that...

hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2020 has a buffer overflow. This occurs during packet transmission and affects the highbank and midway emulated machines. A guest user or process could use this flaw to crash the QEMU process on the host resulting in a denial of service or potential privileged code execution. This was fixed in commit 5519724a13664b43e225ca05351c60b4468e4555.

...

CVE-2020-15863

hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2020 has a buffer overflow. This occurs during packet transmission and affects the highbank and midway emulated machines. A guest user or process could use this flaw to crash the QEMU process on the host, resulting in a denial o...