125154 matches found
MAL-2026-4588 Malicious code in ionic-insta-api-wrapper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 44363ea3b97b18ea938430059144fd219a58b93d04149e45da97c60322ff4868 This package presents itself as an Instagram API wrapper but silently forwards caller-supplied Instagram credentials and session data to a hardcoded...
CVE-2026-44053
Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic attack...
DEBIAN-CVE-2026-44053
Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic attack...
CVE-2026-44053
Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic attack...
UBUNTU-CVE-2026-44053
Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic attack...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
copy-fail CVE-2026-31431 Copy Fail – a C language PoC,...
CVE-2026-44053
Netatalk 1.5.0–4.2.2 uses weak cryptography in the DHCAST128 UAM, enabling remote credential theft or user impersonation. The issue is fixed in Netatalk 4.5.0. Affected products: Netatalk 1.5.0–4.2.2; vulnerability: weak cryptographic algorithm in DHCAST128 UAM; impact: confidentiality and integr...
CVE-2026-44053 Weak cryptography in DHCAST128 UAM
Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic attack...
EUVD-2026-31232
Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic attack...
CVE-2026-44053
Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic attack...
CVE-2026-44053 Weak cryptography in DHCAST128 UAM
Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic attack...
CVE-2026-44053
Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic attack...
CVE-2026-44053
Netatalk 1.5.0 through 4.2.2 uses a broken cryptographic algorithm in the DHCAST128 UAM, which allows a remote attacker to obtain authentication credentials or impersonate a user via cryptanalytic attack...
Security Bulletin: Security vulnerabilities have been found in IBM Verify Identity Access OIDC Provider
Summary Security vulnerabilities have been addresed in IBM Verify Identity Access OIDC Provider Vulnerability Details CVEID:CVE-2026-39883 DESCRIPTION: OpenTelemetry-Go is the Go implementation of OpenTelemetry. From 1.15.0 to 1.42.0, the fix for CVE-2026-24051 changed the Darwin ioreg command to...
Malicious code in dot-utils-plus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3091b9bb8cbf714d9391a59f7303a3748e183bbdf0fba2264b7496a2072e717f On every import, dist/index.js base64-decodes a hardcoded AES-256-CBC ciphertext, derives a key from environment variable VITEDOTUTILSAESSECRET,...
MAL-2026-4549 Malicious code in dot-utils-plus (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3091b9bb8cbf714d9391a59f7303a3748e183bbdf0fba2264b7496a2072e717f On every import, dist/index.js base64-decodes a hardcoded AES-256-CBC ciphertext, derives a key from environment variable VITEDOTUTILSAESSECRET,...
[SECURITY] Fedora 43 Update: rsync-3.4.1-6.fc43
Rsync uses a reliable algorithm to bring remote and host files into sync very quickly. Rsync is fast because it just sends the differences in the files over the network instead of sending the complete files. Rsync is often used as a very powerful mirroring process or just as a more capable...
autopenx
AutoPenX – A fully automated CTF-solving & penetration testing...
PT-2026-42614
📋 Reframing 2026-05-02: implicit unsafe remote-code path, not "supply-chain" The accurate description of this vulnerability is: "get model arch and related helpers hardcode trust remote code=True with no opt-out, creating an implicit unsafe remote-code load path on every model fetch." What this...
PT-2026-42410
Name of the Vulnerable Software and Affected Versions Netatalk versions 1.5.0 through 4.2.2 Description The DHCAST128 UAM User Authentication Module uses a broken cryptographic algorithm. This allows a remote attacker to perform a cryptanalytic attack to obtain authentication credentials or...