Medium: amazon-cloudwatch-agent

Issue Overview: net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing arbitrary ZIP archives CVE-2025-61728 crypto/tls: handshake messages may be processed at the incorrect encryption level CVE-2025-61730 crypto/tls: Config.Clone copies...

MAL-2025-151524 Malicious code in abu-poke17 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4494c5bf46e77a1e9137c00d3925bc43e22aab55f297b9a213220659cb6b5100 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-153589 Malicious code in avomainah-frid-fafuada (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 744dc867691707e4ea91b083c43cea94257ec233b7c42c95d8c659fa80c36840 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-170508 Malicious code in verify-technical-bisa (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5b6eec2766ab6b56ea02aff183e67137cb626df3df8958bf17be93991b153af7 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-126663 Malicious code in galih-empal80-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e21b36d1ab115fad0b8a8d5d41e2a97d42e10e2284a40de96330c46396f01111 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in sari-kupat21-wekto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 422f2fc7b088f8dc3e19ad10f2cd224800679b5020985d7d41a041ff1c7b6e25 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-87396 Malicious code in kresna-dradag29-riris (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ce4191dcdfb68b3da7d58aeaa384e7d99bbeceeee2d4d526de2e4fadff4a2824 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Important: kernel-livepatch-6.1.150-174.273

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix backlog accounting in qdiscdequeueinternal CVE-2025-39677 In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: bamdma: Fix DT error handling for num-channels/ees...

Medium: cuda-runtime-12-9

Issue Overview: NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to information disclosure or denial of service. CVE-2025-23272 Affected Packages:...

[SECURITY] [DLA 4269-1] ca-certificates-java bugfix update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4269-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès August 11, 2025 https://wiki.debian.org/LTS -...

Mageia: Security Advisory (MGASA-2024-0212)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

new packages: minicom

An update is available for minicom. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...

new packages: bc

An update is available for bc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...

new packages: hyphen-te

An update is available for hyphen-te. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterpri...

new packages: libtool

An update is available for libtool. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9.0...

new packages: rteval

An update is available for rteval. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9.0...

SUSE SLED15 / SLES15 Security Update : zstd (SUSE-SU-2020:1396-2)

This update for zstd fixes the following issues : Fix for build error caused by wrong static libraries. bsc1133297 Correction in spec file marking the license as documentation. bsc1082318 Add new package for SLE-15. jscECO-1886 Note that Tenable Network Security has extracted the preceding...

SUSE-SU-2020:1396-3 Security update for zstd

This update for zstd fixes the following issues: - Fix for build error caused by wrong static libraries. bsc1133297 - Correction in spec file marking the license as documentation. bsc1082318 - Add new package for SLE-15. jscECO-1886...

SUSE SLED15 / SLES15 Security Update : zstd (SUSE-SU-2020:1396-1)

This update for zstd fixes the following issues : Fix for build error caused by wrong static libraries. bsc1133297 Correction in spec file marking the license as documentation. bsc1082318 Add new package for SLE-15. jscECO-1886 Note that Tenable Network Security has extracted the preceding...

CVE-2020-14011

Lansweeper 6.0.x through 7.2.x has a default installation in which the admin password is configured for the admin account, unless "Built-in admin" is manually unchecked. This allows command execution via the Add New Package and Scheduled Deployments features...