10 matches found
MAL-2025-191359 Malicious code in @voiceflow/nestjs-rate-limit (npm)
Source: amazon-inspector 3a0dac1431983489842c368c5db298d65dc30278340ee47cf01c5fb3fc2f178b The package @voiceflow/nestjs-rate-limit was found to contain malicious code. Source: google-open-source-security...
CentOS: Security Advisory for java-11-openjdk (CESA-2023:5736)
The remote host is missing an update for the...
Moderate: Red Hat Security Advisory: java-11-openjdk security and bug fix update
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
Moderate: Red Hat Security Advisory: java-11-openjdk security and bug fix update
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...
ALSA-2023:5742 Moderate: java-11-openjdk security and bug fix update
The java-11-openjdk packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. Security Fixes: OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081). For more details about the security issues, including the...
CVE-2023-41267 Apache HDFS Provider error message suggested installation of incorrect pip package
In the Apache Airflow HDFS Provider, versions prior to 4.1.1, documentation info pointed users to install an incorrect pip package. As this package name was unclaimed, in theory, an attacker could claim this package and provide code that would be executed when this package was installed. The...
CVE-2017-18226
The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the jabber account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script executes a "kill -TERM cat...
icedtea-web security, bug fix, and enhancement update
1.6.2-1 - updated to 1.6.2 - fixed also rhbz1303437 - package owns /etc/bashcompletion.d but it should not own it - Resolves: rhbz1275523 1.6.1-4 - updated to 1.6.1 - Resolves: rhbz1275523...
openSUSE Security Update : libvirt (openSUSE-SU-2014:1290-1)
CVE-2014-3657: Fix domain deadlock fc22b2e7-CVE-2014-3657.patch bsc899484 - CVE-2014-3633: Use correct definition when looking up disk in qemu blkiotune 3e745e8f-CVE-2014-3633.patch bsc897783 - spec: libvirt-daemon package owns /etc/libvirt, not libvirt-client bnc878056 %NASLMINLEVEL 70300 C...
dovecot security and bug fix update
1.0.7-7 - permissions of deliver and dovecot.conf from 1.0.7-5 reverted - password can be stored in different file readable only for root now - Resolves: 436287, CVE-2008-4870 1.0.7-6 - added missing directory in file list - Resolves: 436287 1.0.7-5 - change permissions of deliver and dovecot.con...