209 matches found
Astra Linux – Vulnerability in edk2
EDK2’s Network Package is vulnerable to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of availability...
Astra Linux – Vulnerability in edk2
EDK2’s Network Package is vulnerable to an infinite loop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of availability...
Astra Linux - уязвимость в edk2
EDK2’s Network Package is vulnerable to a buffer overflow vulnerability due to the long server ID option in DHCPv6 clients. This vulnerability can be exploited by an attacker to gain unauthorized access and may result in a loss of confidentiality, integrity, and/or availability...
Astra Linux - уязвимость в edk2
EDK2’s Network Package is vulnerable to an out-of-bounds read vulnerability when processing the Neighbor Discovery Redirect message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially result in a loss of confidentiality...
Malicious Package
Overview @w3m-app/switchnetwork is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...
Malicious code in @w3m-app/switch_network (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a7b0fe342478f8fa59c7d24a50e0105c12841f0ef1b7e96443843c2f3eba85a5 The package @w3m-app/switchnetwork was found to contain malicious code. Source: ghsa-malware...
Astra Linux – Vulnerability in edk2
EDK2’s Network Package is vulnerable to a buffer overflow vulnerability when handling the Server ID option from a DHCPv6 proxy Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity, and/or...
Astra Linux - уязвимость в edk2
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality...
Astra Linux – Vulnerability in edk2
NetworkPkg/IScsiDxe has remotely exploitable buffer overflows...
CLEANSTART-2026-SB25660 net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines
Multiple security vulnerabilities affect the falcosidekick-fips package. The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. See references for individual vulnerability details...
CLSA-2025-1764062286 edk2: Fix of 2 CVEs
CVE-2023-45236: fix TCP Initial Sequence Number generation in NetworkPkg to prevent predictable sequence numbers - CVE-2023-45237: fix weak pseudo-random number generator in NetworkPkg to prevent predictable TCP sequence numbers...
EUVD-2023-49541
Malicious code in bioql PyPI...
EUVD-2023-49539
Malicious code in bioql PyPI...
EUVD-2023-49537
Malicious code in bioql PyPI...
EUVD-2023-49536
Malicious code in bioql PyPI...
EUVD-2023-49538
Malicious code in bioql PyPI...
EUVD-2023-49542
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-33194
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service infinite loop via crafted ParseFragment input...
MAL-2025-5547 Malicious code in display-network (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e78e5b2fe65f6308498ccfa5b495c03552bb487edb112458f3f6aebbc76b0d65 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
TencentOS Server 3: edk2 (TSSA-2024:0393)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0393 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...