252573 matches found
Astra Linux - уязвимость в node-tar
node-tar is a fully featured Tar library for Node.js. When using default options in versions 7.5.7 and below, an attacker-controlled archive can create a hardlink within the extraction directory that points to a file outside of the extraction root. This allows arbitrary file reading and writing b...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure that the reference to the DMA master OF node is also removed during late route allocation failures...
Astra Linux – Vulnerability in yaml-cpp
The SingleDocParser::HandleNode function in yaml-cpp also known as LibYaml-C++ 0.5.3 allows remote attackers to cause a denial of service resource consumption and application crash through a crafted YAML file...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: ARM: OMAP2+: Fixed a refcount leak in oprsdssinitof. In omapdssfinddssofnode, the function offindcompatiblenode is called to obtain a device node. offindcompatiblenode returns a node pointer with a refcount incremented; we...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: The synchronization of ofchangesetDestroy with devlink removals was addressed. In the following sequences: 1 ofplatformdepopulate 2 ofoverlayremove During step 1, devices are destroyed, and devlinks are removed. During step 2, OF...
Astra Linux – Vulnerability in node-glob-parent
This affects the glob-parent package before version 5.1.2. The enclosure regex used to check for strings ending with an enclosure containing a path separator is affected...
websec-sql-injection
WebSec SQL Injection Учебный backend-проект по безопасности в...
@aaasd/pocpoc (=99.99.9996), internal-company-module-test-1337 (>=99.99.9991 <=99.99.9995) potentially affected by unknown CVE via internal-company-module-test-1337 (=99.99.9996)
internal-company-module-test-1337 NPM version =99.99.9996 is affected by a known vulnerability. The following packages have a transitive dependency on internal-company-module-test-1337 and may be impacted: - @aaasd/pocpoc =99.99.9996 - internal-company-module-test-1337 =99.99.9991, =99.99.9995...
MAL-2026-3297 Malicious code in ally-call-wait-time (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20246193f2fbde13a2dccd6325c1d46a7fec7e8491b4df3ae6fefa85eff99bbf The package ally-call-wait-time was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-3289 Malicious code in @allybank/ally-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d33aa2edae61b25d620c43d0a5a6223ff28bd128a7fdb5525d25b5c867d52568 The package @allybank/ally-sdk was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3295 Malicious code in ally-antivirus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7e5527c47f32b162abebfbbb8a15c8871ef050e5e0b07f8096b573cab2e6dfec The package ally-antivirus was found to contain malicious code. Source: ghsa-malware 094da0aa0245426ad224e9b2a072377a3c07bfc191bc3fab1d2060cdeaf79387...
MAL-2026-3292 Malicious code in @breeze-ai/ui-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ca524608c9ab3d41715be26a354c2a643216f0bb79c8aec50de4f5e6b6ee523 The package @breeze-ai/ui-library was found to contain malicious code. Source: ghsa-malware...
Malicious code in apcyber-test-package (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4386e2b20fb74fe5b131a23550b9550b4539a3f79056ea8ad08f502453409737 The package apcyber-test-package was found to contain malicious code. Source: ghsa-malware...
Malicious code in ally-whitelist (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector db0425c83302370ea529e2baaabc1ada94b5515fb01d3437ed45bbc766e4e8f4 The package ally-whitelist was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-3290 Malicious code in @allyfinancial/allyfinancial-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 274ff2ac2c7d1051fa268e63d390bb70d6b731bcdaebb94f87251067b62d37af The package @allyfinancial/allyfinancial-api was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3301 Malicious code in ally-json-threat-protect (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb4a9c944048dc2fdb9d7ee1039eff0984813556164a746b249d5e4aaa80069f The package ally-json-threat-protect was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3302 Malicious code in ally-starter-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ac9875cbfe312bac49b96d321664e13d98ff6214d38db1d0b3339500a83204cc The package ally-starter-api was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-3300 Malicious code in ally-forms (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a3b62d3c11f608087ea0651eb467ec7e0c9e43258abb6df889f64c8d1a6eb61 The package ally-forms was found to contain malicious code. Source: ossf-package-analysis...
MAL-2026-3298 Malicious code in ally-ccapi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b70ba9950b3624a3cb0afb844592910fe317569f314fd6681870857d638b1cfc The package ally-ccapi was found to contain malicious code. Source: ghsa-malware c3a850b3a4466c4cc00dee663a54c3bcc8a23c9c74e5e01a9b14f27b616d9934 Any...
MAL-2026-3296 Malicious code in ally-badges (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 628f679ca3d11168a5d0e0930680b72c113158a013369f538a273ce91cb5e5a6 The package ally-badges was found to contain malicious code. Source: ghsa-malware 9c052706f47011272c0f6a24723dc146f15603ac21d81708fa2b91678889df60 An...