MAL-2025-29347 Malicious code in pizza-pasta (npm)

The package pizza-pasta was found to contain malicious code...

MAL-2025-8526 Malicious code in @malware-test-build-tazza-pasta-crush/test-mlw3-build-tazza-pasta-crush (npm)

The package @malware-test-build-tazza-pasta-crush/test-mlw3-build-tazza-pasta-crush was found to contain malicious code...

Malicious code in pizza-pasta (npm)

The package pizza-pasta was found to contain malicious code...

SUSE-SU-2024:3151-1 Security update for buildah

This update for buildah fixes the following issues: Update to version 1.35.4: Bump to Buildah v1.35.4 CVE-2024-3727 updates bsc1224117 integration test: handle new labels in 'bud and test --unsetlabel' Bump go-jose CVE-2024-28180 Bump ocicrypt and go-jose CVE-2024-28180 Update to version 1.35.3:...

SUSE-SU-2024:3120-1 Security update for buildah, docker

This update for buildah, docker fixes the following issues: Changes in docker: - CVE-2024-23651: Fixed arbitrary files write due to race condition on mounts bsc1219267 - CVE-2024-23652: Fixed insufficient validation of parent directory on mount bsc1219268 - CVE-2024-23653: Fixed insufficient...

manchesterpasta.co.uk Cross Site Scripting vulnerability OBB-3917384

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Friday Squid Blogging: Vegan Squid-Ink Pasta

It uses black beans for color and seaweed for flavor. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

pasta-gewinnen.de Cross Site Scripting vulnerability OBB-3650797

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Upgraded Q -> M from #323 [1668467355303]

Judge has assessed an item in Issue 323 as M risk. The relevant finding follows: L00: beforeTokenTransfer function called with wrong params in LBToken Line 237 seems to be a copy pasta mistake from line 209 in LBToken.sol. On line 237 when burning tokens, to should be zero, and amount of from's...

@amphro/streamer (>=0.0.0 <=1.0.1), @appirio/demo-scoped-pkg (>=2.4.1 <=2.8.0) +297 more potentially affected by CVE-2020-7777 via jsen (>=0.1.2 <=0.6.6)

jsen NPM version =0.1.2, =0.0.0, =2.4.1, =0.5.9, =0.1.0, =1.0.0, =0.6.9, =1.0.0, =1.0.0, =1.0.0, =2.2.3, =0.0.1, =0.1.0, =0.0.7, =1.4.0, =13.6.18 and more Source cves: CVE-2020-7777 Source advisory: SNYK:JS-JSEN-1014670...

cloudcmd (>=5.0.5 <=9.3.2), console-io (>=2.5.2 <=5.0.0) +22 more potentially affected by unknown CVE via ponse (>=1.0.1 <=1.6.1)

ponse NPM version =1.0.1, =5.0.5, =2.5.2, =0.0.0, =0.1.0, =2.7.4, =0.3.0, =1.0.0, =1.0.0, =0.0.1, =0.2.0, =1.0.0, =1.0.0, =1.0.9, =1.0.0, =1.0.0, =1.3.6 and more Source cves: unknown CVE Source advisory: OSV:GHSA-WFHX-6PCM-7M55...

Toyota’s PASTA- A car hacking tool to enhance automobile cybersecurity

By Waqas A team of security researchers working for the renowned automobile maker Toyota have developed a new car hacking tool. Dubbed as PASTA Portable Automotive Security Testbed with Adaptability, it is an open source tool created to help researchers identify the prevailing vulnerabilities in...

Bringbutler - Pizza, Pasta, .. - Customized SSL, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Bringbutler - Pizza, Pasta, .. published at the 'play' market has multiple vulnerabilities...

Pasta Rezepte - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Pasta Rezepte published at the 'play' market has multiple vulnerabilities...

Pasta recipes - Base64 encoded String, Exported ContentProvider, MIT license vulnerabilities

HackApp vulnerability scanner discovered that application Pasta recipes published at the 'play' market has multiple vulnerabilities...