The Hidden Dangers of Public Serverless Repositories: An Empirical Security Assessment

Serverless computing has rapidly emerged as a prominent cloud paradigm, enabling developers to focus solely on application logic without the burden of managing servers or underlying infrastructure. Public serverless repositories have become key to accelerating the development of serverless...

CVE-2025-10220 Outdated Third-Party NuGet Packages in AxxonSoft Axxon One VMS 2.0.0 through 2.0.4

Use of Unmaintained Third Party Components CWE-1104 in the NuGet dependency components in AxxonSoft Axxon One VMS 2.0.0 through 2.0.4 on Windows allows a remote attacker to execute arbitrary code or bypass security features via exploitation of vulnerable third-party packages such as...

Fedora 40 : rust-hyper-rustls / rust-reqwest / rust-rustls-native-certs / etc (2024-bf524bf5c0)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-bf524bf5c0 advisory. - Update the hyper-rustls crate to version 0.27.3. - Update the reqwest crate to version 0.12.8. - Update the rustls-native-certs crate to version 0.8.0 and...

Oracle Linux 8 : ol8addon (ELSA-2022-23681)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-23681 advisory. golang 1.17.13-1.0.1 - Update tarball to 1.17.12 - Add patches between Go 1.17.12 and Go 1.17.13 - Reviewed-by: David Faust 1.17.12-1 - Update Go to...

GHSA-HV53-VF5M-8Q94 personnummer/go vulnerable to Improper Input Validation

This vulnerability was reported to the personnummer team in June 2020. The slow response was due to locked ownership of some of the affected packages, which caused delays to update packages prior to disclosure. The vulnerability is determined to be low severity. Impact This vulnerability impacts...

openSUSE 15 Security Update : nodejs8 (openSUSE-SU-2021:2618-1)

"The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:2618-1 advisory. - This affects the package y18n before 3.2.2, 4.0.1 and 5.0.5. PoC by po6ix: const y18n = require'y18n' %NASLMINLEVEL 70300 C Tenable...

GHSA-VP9C-FPXX-744V personnummer/ruby vulnerable to Improper Input Validation

This vulnerability was reported to the personnummer team in June 2020. The slow response was due to locked ownership of some of the affected packages, which caused delays to update packages prior to disclosure. The vulnerability is determined to be low severity. Impact This vulnerability impacts...

SuSE Security Summary SUSE-SR:2009:002

The remote host is missing updates announced in advisory SUSE-SR:2009:002. SuSE Security Summaries are short on detail when it comes to the names of packages affected by a particular bug. Because of this, while this test will detect out of date packages, it cannot tell you what bugs impact which...

FreeBSD Ports : Multiple Browsers Frame Injection

The remote host is running one of the following package : kdelibs 3.2.33 kdebase 3.2.31 7.50 = linux-opera 7.52 7.50 = opera 7.52 firefox 0.9 linux-mozilla 1.7 linux-mozilla-devel 1.7 mozilla-gtk1 1.7 mozilla 1.7,2 netscape7 7.2 These packages contain a bug which may allow an attacker to perform ...

DSA-280 samba - buffer overflow

Bulletin has no description...