386 matches found
Security update for mariadb
This update for mariadb fixes the following issues: CVE-2025-13699: Fixed MariaDB mariadb-dump utility vulnerable to Path Traversal and Remote Code Execution bsc1254313 Other fixes: Update to 10.11.15 Add %license tags to license files bsc1252162 Add INSTALLDOCREADMEDIR cmake flag to install read...
SUSE-SU-2025:4502-1 Security update for mariadb
This update for mariadb fixes the following issues: - CVE-2025-13699: Fixed MariaDB mariadb-dump utility vulnerable to Path Traversal and Remote Code Execution bsc1254313 Other fixes: - Update to 10.11.15 - Add %license tags to license files bsc1252162 - Add INSTALLDOCREADMEDIR cmake flag to...
SUSE-SU-2026:20018-1 Security update for mariadb
This update for mariadb fixes the following issues: - Update to 11.8.5: CVE-2025-13699: Fixed Directory Traversal Remote Code Execution Vulnerability bsc1254313 Other fixes: - Add %license tags to license files bsc1252162 - Add INSTALLDOCREADMEDIR cmake flag to install readme and license files -...
Malicious code in trondec (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d4efad56ea7992fa8744736bf9f7b5e8eee6a521109819f7b841eb3f1ea91bbc Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
MAL-2025-192605 Malicious code in trondec (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 d4efad56ea7992fa8744736bf9f7b5e8eee6a521109819f7b841eb3f1ea91bbc Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
Security update for mariadb
This update for mariadb fixes the following issues: CVE-2025-13699: Fixed MariaDB mariadb-dump utility vulnerable to Path Traversal and Remote Code Execution bsc1254313 Other fixes: Updated to 11.8.5 Added %license tags to license files bsc1252162 Added INSTALLDOCREADMEDIR cmake flag to install...
SUSE-SU-2025:4438-1 Security update for mariadb
This update for mariadb fixes the following issues: - CVE-2025-13699: Fixed MariaDB mariadb-dump utility vulnerable to Path Traversal and Remote Code Execution bsc1254313 Other fixes: - Updated to 11.8.5 - Added %license tags to license files bsc1252162 - Added INSTALLDOCREADMEDIR cmake flag to...
EUVD-2025-202392
The Simple Download Counter plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.2.2. This is due to insufficient path validation in the simpledownloadcounterparsepath function. This makes it possible for authenticated attackers, with Administrator-level...
Malicious code in hexdeci (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 16ae0ccb5a073a33b198ac6fd10854edfebb3c20c2d67d0363484602813d445e Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
MAL-2025-192367 Malicious code in hexdeci (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 16ae0ccb5a073a33b198ac6fd10854edfebb3c20c2d67d0363484602813d445e Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
PT-2025-49416
CVE-2025-666478 A self-hosted movie recommendation system based on your favorites movies on Jellyfin. Host it yourself, by following the instructions in the README. Or checkout a hosted instance here https://t.co/PIablHyWKy...
Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to Apache Lucene
Summary IBM webMethods BPM uses Apache Lucene in designer-process-feature and metadata-core-feature for text processing and filtering purpose. Vulnerability Details IBM X-Force ID: 216835 DESCRIPTION: Apache Lucene is vulnerable to a denial of service. By sending a specific regular expression...
MAL-2025-191757 Malicious code in hexdeclink (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4df8ddadb082a2d285b508fc17356d22ef0375649424cc39d9b08a9e32ab6684 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
MAL-2025-191755 Malicious code in hexcon (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 191af8110082a90345db609c8f23d2313a5be68ec121742172f32cf3a1d5d905 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
Malicious code in hexcon (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 191af8110082a90345db609c8f23d2313a5be68ec121742172f32cf3a1d5d905 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
Malicious code in pkg-readme (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bfc479ddf04c9b4dccdd1b190ab6a553b8b70b35dd010db9a2f6facee0990c78 The package pkg-readme was found to contain malicious code. Source: ghsa-malware 1367f46db577db5123a8d208e0f5d172747a39e623e7c33db0a7e240d28f9d2a Any...
EUVD-2025-199361
Malicious code in pkg-readme npm...
Embedded Malicious Code
Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Malicious code in hexdecnet (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 4ca5c3aa5b553fffaca36241e0e3a6144c9b661b9e0cb77fd93ae34fc6b1ed7e Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...
Malicious code in hexadecpy (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e553647ff67ec6e0339b5de8038f9522494a1200e0437156eee7674d5a29ef21 Package appears to be designed for private key exfiltration, but no known usage. The name appears to be related to the cryptocurrency TRX Tron / Tronix. Some...