Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the module loader failing to check the boundaries of the stshndx symbol, potentially leading to a...

SUSE-SU-2025:4477-1 Security update for salt

This update for salt fixes the following issues: - Security issues fixed: - CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 - CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 - Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439 BDSA-2024-90...

Malicious code in taurus-module-style-loader-docusaurus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f6f458ad29f3855a38854e4aee7cb2e60dbad295cb3fa1b3daef65ccb8840a9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-17375 Malicious code in com.unity.xrtools.module-loader (npm)

The package com.unity.xrtools.module-loader was found to contain malicious code...

CVE-2023-38704 import-in-the-middle allows unsanitized user controlled input in module generation

import-in-the-middle is a module loading interceptor specifically for ESM modules. The import-in-the-middle loader works by generating a wrapper module on the fly. The wrapper uses the module specifier to load the original module and add some wrapping code. Prior to version 1.4.2, it allows for...

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands may be vulnerable to denial of service due to [CVE-2022-37603]

Summary Node.js module loader-utils is used by IBM App Connect Enterprise Certified Container by DesignerAuthoring operands. IBM App Connect Enterprise Certified Container DesignerAuthoring operands may be vulnerable to denial of service. This bulletin provides patch information to address the...

SUSE CVE-2003-0127

The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel...

SUSE CVE-2011-2912

Stack-based buffer overflow in the CSoundFile::ReadS3M function in src/loads3m.cpp in libmodplug before 0.8.8.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted S3M file with an invalid offset...

steal 安全漏洞

steal is StealJS open source an extensible general-purpose module loader . It can load JavaScript modules defined in ES6, AMD and CommonJS formats. A security vulnerability exists in steal version 2.2.4, which stems from prototype contamination via alias variables in babel.js...

steal 安全漏洞

steal is StealJS open source an extensible general-purpose module loader . It can load JavaScript modules defined in ES6, AMD and CommonJS formats. A security vulnerability exists in steal 2.2.4, which results in a steal Regular Expression Denial of Service ReDoS via input variables in main.js...

steal 资源管理错误漏洞

steal is StealJS open source an extensible general-purpose module loader . It can load JavaScript modules defined in ES6, AMD and CommonJS formats. A security vulnerability exists in steal 2.2.4, which originates from a StealJS Regular Expression Denial of Service ReDoS via the source and...

The vulnerability of the njs_default_module_loader function in the njs interpreter of the nginx server allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the njsdefaultmoduleloader function /src/njs/src/njsmodule.c in the njs interpreter of the nginx server is caused by an overflow of the stack buffer. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of...

CVE-2022-29379

Nginx NJS v0.7.3 was discovered to contain a stack overflow in the function njsdefaultmoduleloader at /src/njs/src/njsmodule.c. NOTE: multiple third parties dispute this report, e.g., the behavior is only found in unreleased development code that was not part of the 0.7.2, 0.7.3, or 0.7.4 release...

CVE-2022-29379

Nginx NJS v0.7.3 was discovered to contain a stack overflow in the function njsdefaultmoduleloader at /src/njs/src/njsmodule.c. NOTE: multiple third parties dispute this report, e.g., the behavior is only found in unreleased development code that was not part of the 0.7.2, 0.7.3, or 0.7.4 release...

NGINX JavaScript 缓冲区错误漏洞

NGINX JavaScript is an extension to the NGINX open source. A buffer error vulnerability exists in NGINX JavaScript version v0.7.3, which stems from a stack overflow in function njsdefaultmoduleloader in /src/njs/src/njsmodule.c. The vulnerability is caused by a stack overflow in function...

PT-2022-3849 · Nginx · Nginx Njs

Name of the Vulnerable Software and Affected Versions: Nginx NJS version 0.7.3 Description: The issue is caused by a stack overflow in the njs default module loader function at /src/njs/src/njs module.c of the Nginx NJS interpreter. This could allow a remote attacker to impact the confidentiality...

VulnCheck KEV: CVE-2003-0127

The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel...

Linux Kernel < 2.4.20 Module Loader Local Root Exploit

No description provided by source. / Linux Kernel Module Loader Local R00t Exploit Up to 2.4.20 By anonymous KuRaK include stdio.h include stdlib.h include signal.h include fcntl.h include errno.h include unistd.h include sys/types.h include sys/stat.h include sys/ptrace.h include sys/wait.h...

Fedora Update for mingw32-libltdl FEDORA-2010-2943

Check for the Version of mingw32-libltdl OpenVAS Vulnerability Test Fedora Update for mingw32-libltdl FEDORA-2010-2943 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...

Fedora Update for mingw32-libltdl FEDORA-2010-2341

Check for the Version of mingw32-libltdl OpenVAS Vulnerability Test Fedora Update for mingw32-libltdl FEDORA-2010-2341 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify...