Lucene search
K

1644 matches found

OSV
OSV
added 2026/04/28 12:4 a.m.16 views

RLSA-2026:10710 Important: pcs security update

The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Security Fixes: lodash: lodash: Arbitrary code execution via untrusted input in template imports CVE-2026-4800 For more details about the security issues, including the impact, a CVSS score,...

8.1CVSS6AI score0.01735EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/04/14 12:0 a.m.8 views

MiracleLinux 8 : go-toolset:rhel8 (AXSA:2026-429:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-429:01 advisory. cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive CVE-2025-61731 net/url: Incorrect parsing of IPv6 host literals in net/url...

8.6CVSS5.9AI score0.00728EPSS
Exploits0References3
Rockylinux
Rockylinux
added 2026/04/08 6:0 a.m.13 views

go-toolset:rhel8 security update

An update is available for module.delve, module.golang, delve, golang. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Go Toolset provides the Go programming...

8.6CVSS7.1AI score0.00728EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/04/08 12:41 a.m.6 views

cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive

A flaw was found in cmd/go. An attacker can exploit this by building a malicious Go source file that uses the 'cgo pkg-config:' directive. This allows the attacker to write to an arbitrary file with partial control over its content, by providing a '--log-file' argument to the pkg-config command...

8.6CVSS7.1AI score0.00532EPSS
Exploits0References8
OSV
OSV
added 2026/03/26 12:0 a.m.13 views

ALSA-2026:5941 Important: golang security update

The golang packages provide the Go programming language compiler. Security Fixes: cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive CVE-2025-61731 net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 For more details about the security issues, including...

8.6CVSS5.9AI score0.00728EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/03/09 8:2 a.m.4 views

CVE-2026-3697

A vulnerability was determined in Planet ICG-2510 1.020250811. The impacted element is the function sub40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Executing a manipulation of the argument Language can lead to stack-based buffer overflow. The attack...

6.5CVSS6.3AI score0.00247EPSS
Exploits0References1
NVD
NVD
added 2026/03/08 2:16 a.m.6 views

CVE-2026-3697

A vulnerability was determined in Planet ICG-2510 1.020250811. The impacted element is the function sub40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Executing a manipulation of the argument Language can lead to stack-based buffer overflow. The attack...

6.5CVSS0.00247EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/08 1:32 a.m.4 views

CVE-2026-3697 Planet ICG-2510 Language Package Configuration httpd sub_40C8E4 stack-based overflow

A vulnerability was determined in Planet ICG-2510 1.020250811. The impacted element is the function sub40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Executing a manipulation of the argument Language can lead to stack-based buffer overflow. The attack...

6.5CVSS7.1AI score0.00247EPSS
Exploits0References4
CVE
CVE
added 2026/03/08 1:32 a.m.26 views

CVE-2026-3697

Planet ICG-2510 1.0_20250811 is affected by CVE-2026-3697. The vulnerable element is function sub_40C8E4 in /usr/sbin/httpd within the Language Package Configuration Handler. A manipulation of the Language argument can cause a stack-based buffer overflow, with the attack described as remotely exe...

6.5CVSS7.1AI score0.00247EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/08 1:32 a.m.47 views

CVE-2026-3697 Planet ICG-2510 Language Package Configuration httpd sub_40C8E4 stack-based overflow

A vulnerability was determined in Planet ICG-2510 1.020250811. The impacted element is the function sub40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Executing a manipulation of the argument Language can lead to stack-based buffer overflow. The attack...

6.5CVSS0.00247EPSS
Exploits0References4
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-185782 Malicious code in beta-key-promise-socket-file (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ebad79cce7e400d887bd619f66393a1012518f16bdabeeded43fbc8577048891 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-189372 Malicious code in scale-phi-deserialize-nu-sed (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3da7cfb294f277c58d7e8fe6484b55c4210fc860ea9b97bd8165568c264fb168 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.4 views

MAL-2025-185548 Malicious code in arcturus-phenomic-glaciology-promise (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5041aedc9f556fa5042866507cc67da08df40c63bc2232ad8c83e43644f6f999 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.6 views

MAL-2025-187990 Malicious code in mesosphere-jupiter-sirius-spinner (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9644d9c205b35461491024d83d86512d91f81d021787e7443dcc5b68ff0c4ede This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSV
OSV
added 2025/11/13 3:23 a.m.3 views

MAL-2025-187264 Malicious code in halley-bioinformatics-mui-venus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 662312aa6ad2beee5a2348e5ded7008cd22d42f7258a0e9670509dd2889d5910 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in robotics-auriga-eclipse-parcel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45c8603622ee8e5a543e52a8e1616d015299b855bbd4ffd91c72063efc39f558 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in halley-pm2-semantic-ui-commitlint-config-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 207baa0abd8ece63fe60c3b6ed72245a1fbd0ab7acbb419f0f280f5e15470fb9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.7 views

Malicious code in awk-node-abstract-interpret-alert (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e57b94267f695268b2205969adaa9a5ec8130180999c45d34e32b1a23caa7f70 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.5 views

Malicious code in aether-hologram-genomics-xanthus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91fd696e3d7bb6d4aa0cae1f564fd1879823fe90d9e33b77c646528afe0a0d30 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/13 3:23 a.m.6 views

Malicious code in warp-asthenosphere-ganymede-publish (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f8a92ebd310cc475e2b9ba6eae8284cedf4b60c8bbc57a74d40d2b6dfbaceb30 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder