16 matches found
gnutls security update
3.8.3-10fips - Add FIPS package change: add fips suffix to Release and set Epoch to 10 Orabug: 35925409 - Update FIPS module name for Oracle Linux Orabug: 35925409 3.8.3-10 - Fix PKCS11 token initialization label overflow CVE-2025-9820 - Fix name constraint processing performance issue...
openssl security update
3.5.1-7.0.1fips - Update additional upstream references - Add FIPS package change: add fips suffix to Release and set Epoch to 10 Orabug: 35824276 - Update FIPS module name Orabug: 35824276 3.5.1-7.0.1 - Enable openssl-fips-provider dependency Orabug: 36504822 - Temporary disable...
MAL-2025-179030 Malicious code in tersui-patrip-muli (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2a1a037f4a3eca6c0fd80b26a6d0d2314fc025b469bd3fdb2b58d5624a7df1ba This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in poglymer-ogih-gafiga (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c723ca3dea31c23aed971b4a737be0b0e07ca4c7b25508c5199463629a55dda9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-163250 Malicious code in nokire-nana91 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d48c305b30e8afa04cbbe9a948f8c846e35f38b438d7bf9b5250b59e6a72fca6 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-145204 Malicious code in mui-mysql-mysql-sails (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 089dc09fc9fb3f57c1f9e78a954418a64a29db65194c700ebe3e78748d414fe5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-136552 Malicious code in reluctant_slug_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 351d5b39e13b6f2c05bcd693a4d48fafdaed6cd938a6d58c784d23909002a985 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in bambang-bika84-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 26b748bf57c6b4988703c5a0fade04762d05289d2cdfa37157af6d31dc8484fa This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in subtle_bedbug_0xrequest (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 78188bc3c1b2ac08724db2e7b74e0224f03c73497f6c94eeb09083bde18d8ee3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in eko-keripik52-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4c96c1287b0d2b073b34540b66f22df6070d8df3a4889b0fe292deb22cd572e0 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in salty_chimpanzee_z3n (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5db957c006dd0414e0b9fbe229a5aeb2f49501435c8b26c1d59bbb59db85b7cc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2023-25185
Malicious code in bioql PyPI...
CVE-2025-9867
Inappropriate implementation in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
gnutls security update
3.8.3-4fips - Add FIPS package change: add fips suffix to Release and set Epoch to 10 Orabug: 35925409 - Update FIPS module name for Oracle Linux Orabug: 35925409 3.8.3-4 - Bump release to ensure el9 package is greater than el9 packages 3.8.3-3 - Bump release to ensure el9 package is greater than...
Unsafe deserialization in Apache MINA SSHD
Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD = 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys ...
Medium: php55
Issue Overview: An integer underflow flaw leading to out-of-bounds memory access was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash or, possibly, execute arbitrary code when opened. CVE-2015-4021 An integer overflow flaw leading to...