17 matches found
SUSE CVE-2026-2219
It was discovered that dpkg-deb, a component of dpkg, the Debian package management system, does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service, an infinite loop spinning the CPU...
MAL-2025-57759 Malicious code in nana-kentang91-sukiwir (npm)
Source: amazon-inspector (0470ac356ad11c025e0e19b3e79414ed8b487192ffbda0ac3defc45ab81d3ef0). This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in system-modeling (npm)
The package system-modeling was found to contain malicious code...
Malicious code in banana-nightingale-uqtw (npm)
The package banana-nightingale-uqtw was found to contain malicious code...
MAL-2025-6381 Malicious code in web3-rtc (npm)
Source: ghsa-malware (e9dca49a40515fc43ab5bb3d987aa551a6464961dd1aee2b3e4cadae66831a01). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-4608 Malicious code in @pentestleg/core (npm)
Source: ghsa-malware (12690fd1c593ee20e534b6c4d32dabdc2e39c773c7a78d9f64ec44b457645f5d). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-2312 Malicious code in expect-violations (npm)
Source: ghsa-malware (d98ae6c06bd6b1cd2115956a382b7cdd4a1901560535df9f8284ef29cb6a4550). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
[SECURITY] Fedora 41 Update: rpm-ostree-2025.5-2.fc41
rpm-ostree is a hybrid image/package system. It supports "composing" packages on a build server into an OSTree repository, which can then be replicated by client systems with atomic upgrades. Additionally, unlike many "pure" image systems, with rpm-ostree each client system can layer on additiona...
MAL-2025-1422 Malicious code in kcex-main (npm)
Source: ghsa-malware (250e2784873b2d4ccedb1c0017d13580afe0f3a3c3d956afeedcc1b962cc197d). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-220 Malicious code in prem-babu-api (npm)
Source: ghsa-malware (e749c21a26a377a26000dd72c19e7a3d7e331ead388c3dfdecce559de1dd6db4). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
[SECURITY] Fedora 40 Update: rpm-ostree-2024.4-5.fc40
rpm-ostree is a hybrid image/package system. It supports "composing" packages on a build server into an OSTree repository, which can then be replicated by client systems with atomic upgrades. Additionally, unlike many "pure" image systems, with rpm-ostree each client system can layer on additiona...
PT-2022-23753 · Huawei · Emui +2
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The recovery module has a vulnerability that allows bypassing the verification of an update package before use. Successful exploitation of this issue ma...
sudo security update
CentOS Errata and Security Advisory CESA-2019:3197. An update for sudo is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...
[SECURITY] Fedora 24 Update: rpm-ostree-2017.3-2.fc24
rpm-ostree is a hybrid image/package system. It supports "composing" packages on a build server into an OSTree repository, which can then be replicated by client systems with atomic upgrades. Additionally, unlike many "pure" image systems, with rpm-ostree each client system can layer on additiona...
pfSense 2.1 Inclusion / Traversal / Escalation
Exploit Title: pfSense 2.1 Privilege Escalation from less privileged users LFI/RCE; Date: 25/01/2014 0-day; Exploit Author: @u0x Pichaya Morimoto; Software Link: www.pfsense.org; Category: Local...
pfSense 2.0.1 - Cross-Site Scripting / Cross-Site Request Forgery / Remote Command Execution
Exploit Title: pfSense 2.0.1 XSS & CSRF Remote root Access; Date: 04/01/2013; Author: Yann CAM @ Synetis; Vendor or Software Link: www.pfsense.org; Version: 2.0.1; Category: XSS & CSRF Remote root Access; Google dork: Tested on: FreeBSD pfSense firewall/router distribution description :...
RedHat Update for dbus RHSA-2011:0376-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...