22 matches found

OSV
added 2026/05/19 9:48 p.m., 4 views

MAL-2026-4761 Malicious code in openirf (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb17f2c97bd5a4cabcb86b5a51c9639749048f9675b6fa1d881e66d4d8b02958 pyproject.toml lists tdqm as a runtime dependency alongside numpy, scipy, and matplotlib. The package's source code imports tqdm the legitimate...

5.9 AI score
Exploits 0, References 1
OSSF Malicious Packages
added 2026/05/19 9:48 p.m., 6 views

Malicious code in openirf (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cb17f2c97bd5a4cabcb86b5a51c9639749048f9675b6fa1d881e66d4d8b02958 pyproject.toml lists tdqm as a runtime dependency alongside numpy, scipy, and matplotlib. The package's source code imports tqdm the legitimate...

5.9 AI score
Exploits 0, References 1
Trend Micro Simply Security
added 2026/04/07 12:00 a.m., 3 views

Claude Code Packaging Error Remains a Lure in an Active Campaign: What Defenders Should Do

Threat actors leveraged Anthropic’s Claude Code npm release packaging error to distribute Vidar, GhostSocks, and PureLog Stealer. This blog details immediate steps organizations can take and best practices to prevent further risk...

5.9 AI score
Exploits 0
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2017-3746

Malware in sbrugna...

9.8 CVSS, 9.3 AI score, 0.00327 EPSS
Exploits 0, References 2
Tenable Nessus
added 2020/12/01 12:00 a.m., 26 views

Ubuntu 20.04 LTS : MySQL vulnerabilities (USN-4651-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4651-1 advisory. Tom Reynolds discovered that due to a packaging error, the MySQL X Plugin was listening to all network interfaces by default, contrary to expectations. This updat...

5.6 AI score
Exploits 0, References 1
UbuntuCve
added 2017/09/21 9:29 p.m., 20 views

CVE-2017-12170

Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with default configuration. This has security implications because of overriding security-related...

9.8 CVSS, 7.2 AI score, 0.00327 EPSS
Exploits 0, References 1
Prion
added 2017/09/21 9:29 p.m., 17 views

Default configuration

Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with default configuration. This has security implications because of overriding security-related...

7.5 CVSS, 9.3 AI score, 0.00327 EPSS
Exploits 0, References 1, Affected Software 2
NVD
added 2017/09/21 9:29 p.m., 16 views

CVE-2017-12170

Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with default configuration. This has security implications because of overriding security-related...

9.8 CVSS, 9.5 AI score, 0.00327 EPSS
Exploits 0, References 1
Cvelist
added 2017/09/21 8:00 p.m., 19 views

CVE-2017-12170

Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with default configuration. This has security implications because of overriding security-related...

9.5 AI score, 0.00327 EPSS
Exploits 0, References 1
Debian CVE
added 2017/09/21 8:00 p.m., 24 views

CVE-2017-12170

Downstream version 1.0.46-1 of pure-ftpd as shipped in Fedora was vulnerable to packaging error due to which the original configuration was ignored after update and service started running with default configuration. This has security implications because of overriding security-related...

9.8 CVSS, 9.4 AI score, 0.00327 EPSS
Exploits 0
CVE
added 2017/09/21 8:00 p.m., 89 views

CVE-2017-12170

CVE-2017-12170: Downstream Fedora pure-ftpd 1.0.46-1 suffers a packaging error where the original configuration is ignored after update, causing the service to run with default security-related settings. Upstream pure-ftpd is not affected. Fedora advisories document a fix by loading the correc...

9.8 CVSS, 9.3 AI score, 0.00327 EPSS
Exploits 0, References 1, Affected Software 1
Tenable Nessus
added 2015/08/13 12:00 a.m., 18 views

SUSE SLES11 Security Update : ipsec-tools (SUSE-SU-2015:1367-1)

ipsec-tools was updated to fix one security issue and a bug. This security issue was fixed: - CVE-2015-4047: racoon/gssapi.c in ipsec-tools allowed remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests (bsc#931989). Due to a...

7.8 CVSS, 7.3 AI score, 0.02673 EPSS
Exploits 1, References 5
Debian
added 2014/08/21 12:39 p.m., 41 views

[SECURITY] [DSA 3008-2] php5 regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-3008-2 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso August 21, 2014 http://www.debian.org/security/faq -...

6.8 CVSS, 10 AI score, 0.33041 EPSS
Exploits 3
RedHat Linux
added 2014/01/22 6:31 p.m., 23 views

Moderate: Red Hat Security Advisory: openstack-heat security, bug fix, and enhancement update

Updated openstack-heat packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux OpenStack Platform 4.0. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring...

4 CVSS, 5.9 AI score, 0.0033 EPSS
Exploits 4, References 6
OpenVAS
added 2011/06/24 12:00 a.m., 31 views

Ubuntu Update for curl USN-1158-1

Ubuntu Update for Linux kernel vulnerabilities USN-1158-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN11581.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for curl USN-1158-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...

7.5 CVSS, 0.2 AI score, 0.0733 EPSS
Exploits 0, References 2
Tenable Nessus
added 2009/04/23 12:00 a.m., 8 views

MDKA-2007:048-1 : x11-server

The x11 server would crash when setting a pixmap for the root window and later trying to restore the defaults. This update has been patched to correct the problem. Update: An error in packaging caused an incorrect conflict with the updated x11-server packages and the compiz package. New packages...

7.3 AI score
Exploits 0, References 1
OpenVAS
added 2009/04/09 12:00 a.m., 9 views

Mandriva Update for gnome-games MDKA-2007:055 (gnome-games)

Check for the Version of gnome-games OpenVAS Vulnerability Test Mandriva Update for gnome-games MDKA-2007:055 gnome-games Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

0.1 AI score
Exploits 0, References 2
OSV
added 2003/05/06 12:00 a.m., 14 views

DSA-299 leksbot - improper setuid-root execution

Bulletin has no description...

7.2 CVSS, 6.4 AI score, 0.00475 EPSS
Exploits 0
CVE
added 2002/06/25 4:00 a.m., 42 views

CVE-2001-0912

CVE-2001-0912 affects Mandrake Linux 8.1 in the expect package (8.3.3). A packaging flaw causes expect to search libraries in /home/snailtalk before other directories, enabling a local user to gain root privileges. Mandrake issued MDKSA-2001:087 to address this.

7.2 CVSS, 6.6 AI score, 0.00046 EPSS
Exploits 0, References 2, Affected Software 1
Cvelist
added 2002/06/25 4:00 a.m., 18 views

CVE-2001-0912

Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory before other directories, which could allow a local user to gain root privileges...

6.6 AI score, 0.00046 EPSS
Exploits 0, References 2