CVE-2021-41537

A vulnerability has been identified in Solid Edge SE2021 All versions SE2021MP8. The affected application contains a use-after-free vulnerability while parsing OBJ files. An attacker could leverage this vulnerability to execute code in the context of the current process ZDI-CAN-13789...

CVE-2022-35902

An issue was discovered in Bentley MicroStation before 10.17.0.x and Bentley View before 10.17.0.x. Using an affected version of MicroStation or MicroStation-based application to open an OBJ file containing crafted data can force an out-of-bounds read. Exploitation of these vulnerabilities within...

CVE-2026-21875

CVE-2026-21875 affects ClipBucket v5 and earlier builds up to 5.5.2-#187. The vulnerability arises from a Blind SQL Injection in the channel comment flow: when a user submits a comment, a POST to /actions/ajax.php passes the obj_id parameter to functions in upload/includes/classes/user.class.php ...

CVE-2025-63950

An insecure deserialization vulnerability exists in the download.php script of the to3k Twittodon application through commit b1c58a7d1dc664b38deb486ca290779621342c0b 2023-02-28. The 'obj' parameter receives base64-encoded data that is passed directly to the unserialize function without validation...

CVE-2025-63950

An insecure deserialization vulnerability exists in the download.php script of the to3k Twittodon application through commit b1c58a7d1dc664b38deb486ca290779621342c0b 2023-02-28. The 'obj' parameter receives base64-encoded data that is passed directly to the unserialize function without validation...

UBUNTU-CVE-2025-68189

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix GEM free for imported dma-bufs Imported dma-bufs also have obj-resv != &obj-resv. So we should check both this condition in addition to flags for handling the NOSHARE case. Fixes this splat that was reported with IRI...

CVE-2025-40348 slab: Avoid race on slab->obj_exts in alloc_slab_obj_exts

In the Linux kernel, the following vulnerability has been resolved: slab: Avoid race on slab-objexts in allocslabobjexts If two competing threads enter allocslabobjexts and one of them fails to allocate the object extension vector, it might override the valid slab-objexts allocated by the other...

kernel security update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

AlmaLinux 8 : kernel-rt (ALSA-2025:22800)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:22800 advisory. kernel: mm: kmem: fix a NULL pointer dereference in objstockflushrequired CVE-2023-53401 kernel: RDMA/rxe: Fix incomplete state save in rxerequester...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: mm: kmem: fix a NULL pointer dereference in objstockflushrequired CVE-2023-53401 kernel: RDMA/rxe: Fix incomplete state save in rxerequester CVE-2023-53539 kernel: RDMA/rxe: Fix mr-map...

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: mm: kmem: fix a NULL pointer dereference in objstockflushrequired CVE-2023-53401 kernel: RDMA/rxe: Fix incomplete state save in...

modest-mongo (>=1.0.0 <=1.1.0), obj-validate (>=1.0.0 <=2.0.2) potentially affected by unknown CVE via samesame (=1.0.2)

samesame NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on samesame and may be impacted: - modest-mongo =1.0.0, =1.0.0, =2.0.2 Source cves: unknown CVE Source advisory: OSV:MAL-2025-191419...

EUVD-2025-199227

Malicious code in obj-to-css npm...

MAL-2025-191136 Malicious code in obj-to-css (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16c28013383e05a71d5da9d3d7c0d685a6355e42251a9527e769061e13ce54bb The package obj-to-css was found to contain malicious code. Source: ghsa-malware ada9fa1c509e4ac91c240ba95d3953b53291943071c42aa967d243bd17682078 Any...

css-dedoupe (>=0.1.0 <=0.1.1) potentially affected by unknown CVE via obj-to-css (=1.0.1)

obj-to-css NPM version =1.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on obj-to-css and may be impacted: - css-dedoupe =0.1.0, =0.1.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-191136...

Malicious code in obj-to-css (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16c28013383e05a71d5da9d3d7c0d685a6355e42251a9527e769061e13ce54bb The package obj-to-css was found to contain malicious code. Source: ghsa-malware ada9fa1c509e4ac91c240ba95d3953b53291943071c42aa967d243bd17682078 Any...

MAL-2025-190950 Malicious code in compare-obj (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1892ab55a1dcdd44c7f030aef1ae76a865ffffe4b7a0d4a0492696c149db2e4d The package compare-obj was found to contain malicious code. Source: ghsa-malware 3a7310cc13d858af4c2dfc25ec5d42cf6aa52b00dd7fc28ba0ee069a68e7551b An...

EUVD-2025-199093

Malicious code in compare-obj npm...

Malicious code in compare-obj (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1892ab55a1dcdd44c7f030aef1ae76a865ffffe4b7a0d4a0492696c149db2e4d The package compare-obj was found to contain malicious code. Source: ghsa-malware 3a7310cc13d858af4c2dfc25ec5d42cf6aa52b00dd7fc28ba0ee069a68e7551b An...

css-dedoupe (>=0.1.0 <=0.1.1) potentially affected by unknown CVE via obj-to-css (=1.0.1)

obj-to-css NPM version =1.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on obj-to-css and may be impacted: - css-dedoupe =0.1.0, =0.1.1 Source cves: unknown CVE Source advisory: SNYK:JS-OBJTOCSS-14103674...