228 matches found
CVE-2026-45108
Himmelblau (interoperability suite for Microsoft Azure Entra ID and Intune) contains an authentication bypass in the Device Authorization Grant (DAG) flow for versions 2.0.0–3.1.4 and 2.3.0–2.3.10. The root cause is in token_validate, which verified domain aliases but did not ensure the authentic...
CVE-2026-23124
In the Linux kernel, the following vulnerability has been resolved: ipv6: annotate data-race in ndiscrouterdiscovery syzbot found that ndiscrouterdiscovery could read and write in6dev-ramtu without holding a lock 1 This looks fine, IFLAINET6RAMTU is best effort. Add READONCE/WRITEONCE to document...
CVE-2026-23124
In the Linux kernel, the following vulnerability has been resolved: ipv6: annotate data-race in ndiscrouterdiscovery syzbot found that ndiscrouterdiscovery could read and write in6dev-ramtu without holding a lock 1 This looks fine, IFLAINET6RAMTU is best effort. Add READONCE/WRITEONCE to document...
CVE-2026-23124 ipv6: annotate data-race in ndisc_router_discovery()
In the Linux kernel, the following vulnerability has been resolved: ipv6: annotate data-race in ndiscrouterdiscovery syzbot found that ndiscrouterdiscovery could read and write in6dev-ramtu without holding a lock 1 This looks fine, IFLAINET6RAMTU is best effort. Add READONCE/WRITEONCE to document...
CVE-2026-23124
In the Linux kernel, the following vulnerability has been resolved: ipv6: annotate data-race in ndiscrouterdiscovery syzbot found that ndiscrouterdiscovery could read and write in6dev-ramtu without holding a lock 1 This looks fine, IFLAINET6RAMTU is best effort. Add READONCE/WRITEONCE to document...
EUVD-2026-5912
In the Linux kernel, the following vulnerability has been resolved: ipv6: annotate data-race in ndiscrouterdiscovery syzbot found that ndiscrouterdiscovery could read and write in6dev-ramtu without holding a lock 1 This looks fine, IFLAINET6RAMTU is best effort. Add READONCE/WRITEONCE to document...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the data competition between ndiscrouterdiscovery and in6dev-ramtu in IPv6, potentially leading t...
Linux Distros Unpatched Vulnerability : CVE-2025-68350
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - exfat: fix divide-by-zero in exfatallocatebitmap The variable maxracount can be 0 in exfatallocatebitmap, which causes a divide-by-zero error in the subsequent...
EUVD-2025-205104
In the Linux kernel, the following vulnerability has been resolved: exfat: fix divide-by-zero in exfatallocatebitmap The variable maxracount can be 0 in exfatallocatebitmap, which causes a divide-by-zero error in the subsequent modulo operation i % maxracount, leading to a system crash. When...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check the maxracount value, which could result in a divide-by-zero error...
MAL-2025-191413 Malicious code in ra-auth-firebase (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ddebb70a73861543e5a68b94eb70a9b3e2fa3726a977ef776f8ef3fc75f0e76 The package ra-auth-firebase was found to contain malicious code. Source: ghsa-malware d4c20e629d2ccf83a4cc1a771392c0f879de71df77471d5e822fc511e415cb...
EUVD-2025-199268
Malicious code in ra-auth-firebase npm...
Malicious code in ra-auth-firebase (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ddebb70a73861543e5a68b94eb70a9b3e2fa3726a977ef776f8ef3fc75f0e76 The package ra-auth-firebase was found to contain malicious code. Source: ghsa-malware d4c20e629d2ccf83a4cc1a771392c0f879de71df77471d5e822fc511e415cb...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Malicious code in ra-data-firebase (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e18e2fda31999ba999f5629853253dd8ff93b75237944d8c2971c2f54381cc13 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2025-198963
Malicious code in ra-data-firebase npm...
MAL-2025-190864 Malicious code in ra-data-firebase (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e18e2fda31999ba999f5629853253dd8ff93b75237944d8c2971c2f54381cc13 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2025-198321
Malicious code in @ra-ide/udt-frontend npm...
MAL-2025-190598 Malicious code in @ra-ide/udt-frontend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 43e7622a4fb5f78043c8f52ad78fb036d26fa8ae041f8d2d21f82d4620894e14 The package @ra-ide/udt-frontend was found to contain malicious code. Source: ossf-package-analysis...
MAL-2025-190591 Malicious code in @ra-ide/extension-ui (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7a7aa2bba6ddffad751c19fd8291861f53b9994814f0cecb8925b7c2d5c87ae5 The package @ra-ide/extension-ui was found to contain malicious code. Source: ossf-package-analysis...