1302 matches found
Malicious code in ogi-bubur96-riris (npm)
Source: amazon-inspector 21171646a3a4d2baa42adccb56b158f72ab4fcd366349cbf8396388520fdaa51 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in mahesa-botok66-miaww (npm)
Source: amazon-inspector 15fc78c705548cc542f7713c0eceeedfd1a3a21af72dcdb74ae0a9b5c3746bbe This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-91642 Malicious code in utomo-serabi78-kyuki (npm)
Source: amazon-inspector 0061e5719c2cd563bf932fcca7b128784f8e1b660b290407c089a17d7867fed5 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-79090 Malicious code in iwan-mieayam79-sukiwir (npm)
Source: amazon-inspector 6a4dde431838509c96dc300d4bd47254f2d4b10ec7ac6b6e3c4b9001fb4c2684 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
WordPress plugin Hydra Booking — Appointment Scheduling & Booking Calendar security feature issue vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. WordPress plugin Hydra...
MAL-2025-59464 Malicious code in wawan-soto84-sukiwir (npm)
Source: amazon-inspector 0771ad3d65c6ba6fc0caa2fd1700ce27ae0ecde1508bccf76911a3bba1ffc789 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
RHEL 9 : bind9.18 (RHSA-2025:19950)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:19950 advisory. BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which...
RockyLinux 8 : bind9.16 (RLSA-2025:19793)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:19793 advisory. bind: Cache poisoning attacks with unsolicited RRs (CVE-2025-40778); bind: Cache poisoning due to weak PRNG (CVE-2025-40780). Tenable has extracted the...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not ensuring that setent is always present, which could lead to problems with cryptographic random number...
Important: Red Hat Security Advisory: bind security update
An update for bind is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
RLSA-2025:19793 Important: bind9.16 security update
The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. Security Fixes:...
CVE-2025-21078
Use of insufficiently random value of secretKey in Smart Switch prior to version 3.7.68.6 allows adjacent attackers to access backup data from applications...
bind: Cache poisoning due to weak PRNG
A vulnerability was found in BIND resolvers caused by a weakness in the Pseudo Random Number Generator (PRNG). This weakness allows an attacker to potentially predict the source port and query ID used by BIND, enabling cache poisoning attacks. If successful, the attacker can inject malicious DNS...
Important: Red Hat Security Advisory: bind9.16 security update
An update for bind9.16 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
CVE-2025-21078
CVE-2025-21078 affects Samsung Smart Switch prior to version 3.7.68.6. The root cause is the use of an insufficiently random value for the secretKey, which could allow adjacent attackers to access application backups. Public sources in the connected documents consistently describe this impact and...
Certified Randomness Amplification by Dynamically Probing Remote Random Quantum States
Cryptography depends on truly unpredictable numbers, but physical sources emit biased or correlated bits. Quantum mechanics enables the amplification of imperfect randomness into nearly perfect randomness, but prior demonstrations have required physically co-located, loophole-free Bell tests,...
PT-2025-45078
Name of the Vulnerable Software and Affected Versions: Smart Switch versions prior to 3.7.68.6. Description: The use of an insufficiently random value for the secretKey in Smart Switch allows nearby attackers to gain access to backup data from applications. Recommendations: Update to version 3.7.68.6...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988777)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988777 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: use get_random_u32 instead of prandom. bh might occur while updating per-cpu rnd_state fro...