Lucene search
K

28 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.11 views

Oracle Linux 9 : postgresql:15 (ELSA-2026-28037)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-28037 advisory. pgaudit 1.7.0-1 - Initial import for postgresql 15 module - Update to 1.7.0 - Support postgresql 15 - Related: 2128410 pgrepack 1.4.8-2 - Add new buil...

8.8CVSS7AI score0.00668EPSS
Exploits0References5
OSV
OSV
added 2026/06/22 12:0 p.m.7 views

MAL-2026-6308 Malicious code in @lazyutil/dater (npm)

@lazyutil/dater malicious versions 0.8.1, 0.9.2, 0.9.3, and 0.9.4, published by [email protected] is a trojanized npm package belonging to the wshu.net credential-stealer campaign. The campaign published trojanized look-alike utility packages across 12+ scopes whose publisher accounts all...

6.5AI score
Exploits0References7
OSV
OSV
added 2026/05/20 7:11 a.m.8 views

MAL-2026-4467 Malicious code in @weirdorg/dotenv (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dce94a089c58246a54a1e4496d323c92bb46dac654e1a1403e875292be94b198 Package is a near-verbatim republication of the popular dotenv library same README, API, and file layout under the @weirdorg/dotenv name. The only...

6.2AI score
Exploits0References1
Rockylinux
Rockylinux
added 2026/03/09 6:1 p.m.7 views

postgresql:12 security update

An update is available for pgrepack, pgaudit, module.postgres-decoderbufs, module.pgaudit, postgresql, module.pgrepack, postgres-decoderbufs, module.postgresql. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.8CVSS6.2AI score0.01208EPSS
Exploits3
Oracle linux
Oracle linux
added 2026/03/09 12:0 a.m.7 views

postgresql:16 security update

pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3636 pgrepack 1.5.1-1 - Update to 1.5.1 postgres-decoderbufs 2.4.0-1.Final - Initial import for postgresql 16 stream - Related: RHEL-3636 postgresql 16.13-1 - Update to 16.13 - Fix...

8.8CVSS6AI score0.01208EPSS
Exploits3
Fedora
Fedora
added 2026/02/01 1:3 a.m.8 views

[SECURITY] Fedora 42 Update: python-wheel-0.45.1-5.fc42

This is a command line tool for manipulating Python wheel files, as defined in PEP 427. It contains the following functionality: - Convert .egg archives into .whl. - Unpack wheel archives. - Repack wheel archives. - Add or remove tags in existing wheel archives...

7.1CVSS5.9AI score0.00311EPSS
Exploits2
Fedora
Fedora
added 2026/02/01 12:50 a.m.7 views

[SECURITY] Fedora 43 Update: python-wheel-0.45.1-20.fc43

This is a command line tool for manipulating Python wheel files, as defined in PEP 427. It contains the following functionality: - Convert .egg archives into .whl. - Unpack wheel archives. - Repack wheel archives. - Add or remove tags in existing wheel archives...

7.1CVSS5.9AI score0.00311EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

Oracle Linux 9 : postgresql:16 (ELSA-2026-0493)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0493 advisory. pgaudit 16.0-1 - Update to 16.0 - Support postgresql 16 - Initial import for PG 16 module - Resolves: RHEL-3635 pgrepack 1.5.1-1 - Update to v1.5.1...

5.9CVSS5.9AI score0.00307EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.4 views

Oracle Linux 8 : postgresql:15 (ELSA-2026-0524)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0524 advisory. pgaudit pgrepack postgres-decoderbufs postgresql 15.15-1 - Update to 15.15 - Resolves: RHEL-128819 CVE-2025-12818 Tenable has extracted the preceding...

5.9CVSS5.8AI score0.00307EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2026/01/14 12:0 a.m.8 views

postgresql:15 security update

pgaudit 1.7.0-1 - Initial import for postgresql 15 module - Update to 1.7.0 - Support postgresql 15 - Related: 2128410 pgrepack 1.4.8-2 - Add new build dependencies to fix build with lz4 enabled - Related: RHEL-47350 1.4.8-1 - Update to version 1.4.8 - Postgresql 15 is supported - Related: 212841...

5.9CVSS7.1AI score0.00307EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2025/12/30 1:16 p.m.4 views

CVE-2023-54284

In the Linux kernel, the following vulnerability has been resolved: media: av7110: prevent underflow in writetstodecoder The buf4 value comes from the user via tsplay. It is a value in the u8 range. The final length we pass to av7110ipackinstantrepack is "len - buf4 + 1 - 4" so add a check to...

5.9AI score0.00195EPSS
Exploits0References11
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/10 6:2 p.m.0 views

Malicious code in determined_nightingale_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector acae57b8779cfd22c1f651d039abf585921681083494477c9436ad2ba8637adf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
EUVD
EUVD
added 2025/10/22 6:53 a.m.4 views

EUVD-2025-35356

Malicious code in js-repack npm...

6.6AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/22 6:53 a.m.5 views

Malicious code in js-repack (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d7a80a1c4ce3e508e53f6fbcff1d53486d344d5e88efb691abaad37cc22759f9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References4
Snyk
Snyk
added 2025/10/22 6:53 a.m.6 views

Malicious Package

Overview js-repack is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS6.8AI score
Exploits0References2
OSV
OSV
added 2025/10/22 6:53 a.m.3 views

MAL-2025-48554 Malicious code in js-repack (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d7a80a1c4ce3e508e53f6fbcff1d53486d344d5e88efb691abaad37cc22759f9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References4
OSV
OSV
added 2025/09/29 5:28 a.m.4 views

MAL-2025-47834 Malicious code in react-repack (npm)

The package react-repack was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 038fe89fdf3f2220fd47dd19c5464b9fcc0b3f60c5ad14ed468d2d1da9909de1 Any computer that has this package installed or running should be considered fully...

6.9AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/29 5:28 a.m.6 views

Malicious code in react-repack (npm)

The package react-repack was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 038fe89fdf3f2220fd47dd19c5464b9fcc0b3f60c5ad14ed468d2d1da9909de1 Any computer that has this package installed or running should be considered fully...

6.9AI score
Exploits0References1
Snyk
Snyk
added 2025/09/15 7:39 a.m.1 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

9.8CVSS7AI score
Exploits0References2
Snyk
Snyk
added 2025/09/15 7:39 a.m.4 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentials and API tokens. It also downloads malicious files and repackages them...

9.8CVSS7AI score
Exploits0References2
Rows per page
Query Builder