MAL-2022-6653 Malicious code in trinity-pkg-ss (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2aa8616c6c7ac8d9a61dc6a76dbb1f9465b03f2bac5fe4fc4fe4decbf4140461 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-6074 Malicious code in shakt-pkg-ss (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 037b8feaca6fc29f0d42067efc0aa636aac015008505b6bf7e369c436df1fd45 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in 13-pkg-13 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d11ff8eabd16040bbd151481a728945ea4c50fe74433a661598e30c0d635d26c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in 13-pkg-14 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d36a155ffe729dc9810e6154d9a32fc420e3c9be1985a6ff23753ab79673f8b8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in 13-pkg-1313 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f2710d9c11ac4b066d45fecc52ccae29c4fb84f624e0142210a7b8e0a77da514 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-17 Malicious code in 13-pkg-1313 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f2710d9c11ac4b066d45fecc52ccae29c4fb84f624e0142210a7b8e0a77da514 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-18 Malicious code in 13-pkg-14 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d36a155ffe729dc9810e6154d9a32fc420e3c9be1985a6ff23753ab79673f8b8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-16 Malicious code in 13-pkg-13 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d11ff8eabd16040bbd151481a728945ea4c50fe74433a661598e30c0d635d26c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-1631 Malicious code in blz-internal-pkg (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b447563fa806880a2d1e5c85bd22a6d1db863feb00eb5337d44ee85468389eb4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

GHSA-GP95-PPV5-3JC5 sharp vulnerable to Command Injection in post-installation over build environment

There's a possible vulnerability in logic that is run only at npm install time when installing versions of sharp prior to the latest v0.30.5. This is not part of any runtime code, does not affect Windows users at all, and is unlikely to affect anyone that already cares about the security of their...

new packages: tree-pkg

An update is available for tree-pkg. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Linux 9.0...

CVE-2022-21132

Directory traversal vulnerability in pfSense-pkg-WireGuard pfSense-pkg-WireGuard 0.1.5 versions prior to 0.1.54 and pfSense-pkg-WireGuard 0.1.6 versions prior to 0.1.61 allows a remote authenticated attacker to lead a pfSense user to view a file outside the public folder...

CVE-2022-21132

A directory traversal vulnerability affects pfSense-pkg-WireGuard (pfSense add-on). Affected versions are pfSense-pkg-WireGuard 0.1.5 prior to 0.1.5_4 and 0.1.6 prior to 0.1.6_1. The root cause is improper validation of file paths, allowing a remote authenticated user to view files outside the pu...

pkg-mbh.de Improper Access Control vulnerability OBB-2407469

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

pfSense 跨站脚本漏洞

pfSense is a set of network firewalls based on FreeBSD Linux. A security vulnerability exists in pfSense versions prior to 2.5.2, which originates from a php echo in /usr/local/www/pkg.php using $ REQUESTpkg filter...

Important Photon OS Security Update - PHSA-2022-0146

Updates of 'linux-aws', 'linux-secure', 'pkg-config', 'linux-rt', 'linux', 'linux-esx' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2022-4.0-0146

Updates of 'pkg-config', 'linux-rt', 'linux-aws', 'linux-esx', 'linux-secure' packages of Photon OS have been released...

Critical Photon OS Security Update - PHSA-2021-0346

Updates of 'bluez', 'consul', 'pkg-config', 'vim', 'httpd' packages of Photon OS have been released...

Critical Photon OS Security Update - PHSA-2021-3.0-0346

Updates of 'pkg-config', 'httpd', 'consul', 'vim', 'bluez' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2021-0459

Updates of 'pkg-config' packages of Photon OS have been released...