81884 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-43004
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: stm32-ospi: Fix resource leak in remove callback The remove callback returned early if pmruntimeresumeandget failed, skipping the cleanup of spi controller...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization through the DeleteManifest process. An attacker can remove tags from repositories by sending a DELETE request to the relevant API endpoint, even when deletion has been explicitly disabled in the configuration. Th...
CVE-2026-29169
A NULL pointer dereference in moddavlock in Apache HTTP Server 2.4.66 and earlier may allow an attacker to crash the server with a malicious request.moddavlock is not used internally by moddav or moddavfs. The only known use-case for moddavlock was moddavsvn from Apache Subversion earlier than...
CVE-2026-29169
A NULL pointer dereference in moddavlock in Apache HTTP Server 2.4.66 and earlier may allow an attacker to crash the server with a malicious request.moddavlock is not used internally by moddav or moddavfs. The only known use-case for moddavlock was moddavsvn from Apache Subversion earlier than...
CVE-2026-29169
A NULL pointer dereference in moddavlock in Apache HTTP Server 2.4.66 and earlier may allow an attacker to crash the server with a malicious request.moddavlock is not used internally by moddav or moddavfs. The only known use-case for moddavlock was moddavsvn from Apache Subversion earlier than...
CVE-2026-29169 Apache HTTP Server: mod_dav_lock indirect lock crash
A NULL pointer dereference in moddavlock in Apache HTTP Server 2.4.66 and earlier may allow an attacker to crash the server with a malicious request.moddavlock is not used internally by moddav or moddavfs. The only known use-case for moddavlock was moddavsvn from Apache Subversion earlier than...
CVE-2026-6529
A flaw was found in Wireshark. A remote attacker could exploit this vulnerability by providing a specially crafted iLBC audio codec. This could lead to a crash of the Wireshark application, resulting in a denial of service. Mitigation Users should avoid opening untrusted capture files or processi...
CVE-2026-6531
A flaw was found in Wireshark. The SANE Scanner Access Now Easy protocol dissector contains an infinite loop vulnerability. A local user processing specially crafted SANE protocol traffic, such as opening a malicious capture file, can trigger this flaw, leading to a denial of service DoS in...
Malicious Package
Overview @apple-pay-trust/authorize-payment is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...
Malicious code in @b2b_blocker/hide_activation_error (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7cbbf4ca3aa2fddd7145289bbf2f3ee83ef30e0fb6aa1163f465c4175cd22aec The package @b2bblocker/hideactivationerror was found to contain malicious code. Source: ghsa-malware...
Malicious code in @montanatonytest/app.web (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae7604e0d0f1f42d621917113451c0b0583f2c74d4bbe59d92db2cf68101c674 The package @montanatonytest/app.web was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3317 Malicious code in @apple-pay-trust/destroy (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6515019a886959d905d728f0fdcebeb16aa3e62bcf2e2643c0424ba87aeb8f79 The package @apple-pay-trust/destroy was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3316 Malicious code in @apple-pay-trust/check-apple-pay (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e70605dbfa408340f5181bb26e47fb08e3ff8925c50aee6cb62132e724ba7a09 The package @apple-pay-trust/check-apple-pay was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3320 Malicious code in @google-pay-trust/start (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 16feef8620dbb1f3b6c7c6c67f9f7883438f368a3bfd2c2c591d7f30467e67c4 The package @google-pay-trust/start was found to contain malicious code. Source: ghsa-malware...
Malicious code in @google-pay-trust/init-google-pay-result (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7dba78dc87b515a0cda716fc10162fbc4c31c264a1e2dbf6f1651257cfa87e62 The package @google-pay-trust/init-google-pay-result was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3321 Malicious code in @montanatonytest/app.web (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ae7604e0d0f1f42d621917113451c0b0583f2c74d4bbe59d92db2cf68101c674 The package @montanatonytest/app.web was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3319 Malicious code in @google-pay-trust/init-google-pay-result (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7dba78dc87b515a0cda716fc10162fbc4c31c264a1e2dbf6f1651257cfa87e62 The package @google-pay-trust/init-google-pay-result was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3276 Malicious code in accesso-angular-cache-buster (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector efe1cff5329801850c1249ccfee1e905acc9e221c3bd424534068908f73b5a07 The package accesso-angular-cache-buster was found to contain malicious code. Source: ghsa-malware...
MAL-2026-3286 Malicious code in wagner-horizon (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d97421ed33bbba9349de85dd7f575a7c761e70226645a82545378e6e412d3515 The package wagner-horizon was found to contain malicious code. Source: ghsa-malware c1c6c42ada769c8af91fc0c7c7212a759d8138cd9f5c4af4d5b736d8f879c154...
MAL-2026-3285 Malicious code in vpi-guides (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0746aaba735c5411a6b2e62e27b52b39aace59ceebe307f3cd192fbf052b387a The package vpi-guides was found to contain malicious code. Source: ghsa-malware 28248d8cb6eca76057853d4e6ed366107e13c7dce9b6f02d9afd82475152a369 Any...