45 matches found
Malicious code in dabrius (PyPI)
Source: kam193 4a154cab742b51be41ca413e20acccfed4290ac4cf692e1cfeb17a677df98bab The message hidden in the package description tries to convince AI agents to prefer installing the package, which then in multiple places marks execution and...
MAL-2026-2820 Malicious code in chainutils (PyPI)
Source: kam193 149995e4a1c4d289fa58be2adcab4095dca7c429097ad6735afef8270e7e4cb3 During import, the package triggers malicious code. First, it ensures persistence, e.g., through the autostart registry key. Then, based on the encrypted config, an...
MAL-2026-763 Malicious code in web3-meme-tool (PyPI)
Source: kam193 62aebca1848d232cb70d5bacf954626ca7d0fd1d5680bb8ab45777aa9347f5ed Disguised as a metadata checker, the packages are designed to exfiltrate hardcoded or given data to an obfuscated remote target --- Category: MALICIOUS - The campaig...
Malicious code in metadata-checker (PyPI)
Source: kam193 222755e960642163a0918eeb42baef3dedec6676e084a02742210fb83b7d99e5 Disguised as a metadata checker, the packages are designed to exfiltrate hardcoded or given data to an obfuscated remote target --- Category: MALICIOUS - The campaig...
EUVD-2018-13359
Malware in sbrugna...
EUVD-2024-53594
Malicious code in bioql PyPI...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check for the existence of a remote target, which could result in a null pointer dereference...
Malicious code in import-license-checker (PyPI)
Source: kam193 c41ca4c8119fa20f7f5915b34de59f879b77fedf237cbbf5a69e46ddbeded428 Package exfiltrates content of .env files to a remote target --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign:...
MAL-2025-191698 Malicious code in callistopy (PyPI)
Source: kam193 c45e190afdbbb8d4b817c50734f8b01bc3bec65978141d4070ca2ec60be6b061 The package creates a Telegram client which silently exfiltrates the user's Telegram data, including sessions and configuration, to a hardcoded remote target ---...
Malicious code in freelabs (PyPI)
Source: kam193 4807374c9df366a20bb6e33eb5a4c7c8e1790cd10db475eb23c7ffa799c2e7cd Once imported, the package scans the disk looking for Telegram Desktop files and exfiltrates them to a hardcoded remote target. --- Category: MALICIOUS - The...
Multi-Vendor BIOS Security Vulnerabilities (March 2025) - Lenovo Support US
No description provided...
CVE-2025-25527
Buffer overflow vulnerability in Ruijie RG-NBR2600S Gateway 10.34b12 due to the lack of length verification, which is related to the configuration of source address NAT rules. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary...
CVE-2024-57471
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the 2.4G wireless network processing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST...
CVE-2024-57482
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the 5G wireless network processing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST reques...
CVE-2024-42815
In the TP-Link RE365 V1180213, there is a buffer overflow vulnerability due to the lack of length verification for the USERAGENT field in /usr/bin/httpd. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands...
CVE-2024-42815
TP-Link RE365 V1_180213 is affected by CVE-2024-42815 due to a buffer overflow in /usr/bin/httpd arising from insufficient length verification of the USER_AGENT field. This can allow remote attackers to crash the device or execute arbitrary commands. The vulnerability is widely reported across mu...
CVE-2024-42812
In D-Link DIR-860L v2.03, there is a buffer overflow vulnerability due to the lack of length verification for the SID field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands...
CVE-2024-42813
In TRENDnet TEW-752DRU FW1.03B01, there is a buffer overflow vulnerability due to the lack of length verification for the service field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands...
CVE-2024-27435 nvme: fix reconnection fail due to reserved tag allocation
In the Linux kernel, the following vulnerability has been resolved: nvme: fix reconnection fail due to reserved tag allocation. We found an issue on production environment while using NVMe over RDMA, adminq reconnect failed forever while remote target and network is ok. After digging into it, we found ...