17053 matches found
MAL-2025-47461 Malicious code in circuit-runtime-presenter (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 3cdb658ec8c6d8d9af631260f52c7b97315d6714449b7e8bcd8ac60e65644951 The OpenSSF Package Analysis project identified 'circuit-runtime-presenter' @ 10.0.1 npm as malicious. It is considered malicious because: - The...
CVE-2025-59336
Luanox is a module host for Lua packages. Prior to 0.1.1, a file traversal vulnerability can cause potential denial of service by overwriting Phoenix runtime files. Package names like ../../package are not properly filtered and pass the validity check of the rockspec verification system. This...
CVE-2025-58749
WebAssembly Micro Runtime (WAMR) is a lightweight standalone WebAssembly (Wasm) runtime. In WAMR versions prior to 2.4.2, when running in LLVM-JIT mode, the runtime cannot exit normally when executing WebAssembly programs containing a memory.fill instruction where the first operand memory address...
DEBIAN-CVE-2023-53443
In the Linux kernel, the following vulnerability has been resolved: mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak. In arizona_clk32k_enable(), we should use pm_runtime_resume_and_get() as pm_runtime_get_sync() will increase the refcnt even when it returns an error...
UBUNTU-CVE-2023-53443
In the Linux kernel, the following vulnerability has been resolved: mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak. In arizona_clk32k_enable(), we should use pm_runtime_resume_and_get() as pm_runtime_get_sync() will increase the refcnt even when it returns an error...
CVE-2023-53443 mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak
In the Linux kernel, the following vulnerability has been resolved: mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak. In arizona_clk32k_enable(), we should use pm_runtime_resume_and_get() as pm_runtime_get_sync() will increase the refcnt even when it returns an error...
Denial Of Service (DoS)
Axios is vulnerable to Denial-of-Service. The vulnerability is due to improper handling of data: scheme URLs, where the Node.js HTTP adapter decodes the entire payload into memory and ignores size limits, allowing attackers to supply a very large data URI to cause unbounded memory allocation and...
SUSE CVE-2023-53177
In the Linux kernel, the following vulnerability has been resolved: media: hi846: fix usage of pm_runtime_get_if_in_use(). pm_runtime_get_if_in_use() does not only return nonzero values when the device is in use, it can return a negative errno too. And especially during resuming from system suspend, when runtim...
Linux Distros Unpatched Vulnerability : CVE-2023-53177
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: media: hi846: fix usage of pm_runtime_get_if_in_use(). pm_runtime_get_if_in_use() does not only return...
SUSE CVE-2022-50267
In the Linux kernel, the following vulnerability has been resolved: mmc: rtsx_pci: fix return value check of mmc_add_host(). mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not added...
SUSE CVE-2022-50347
In the Linux kernel, the following vulnerability has been resolved: mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host(). mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not...
SUSE CVE-2023-53216
In the Linux kernel, the following vulnerability has been resolved: arm64: efi: Make efi_rt_lock a raw_spinlock. Running a rt-kernel base on 6.2.0-rc3-rt1 on an Ampere Altra outputs the following: BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:46 in_atomic(): 1,...
SUSE CVE-2023-53308
In the Linux kernel, the following vulnerability has been resolved: net: fec: Better handle pm_runtime_get() failing in .remove. In the unlikely event that pm_runtime_get() disguised as pm_runtime_resume_and_get() fails, the remove callback returned an error early. The problem with this is that the driver core...
The API Battleground: Why APIs are the new frontline—and how to stop the stealthiest attacks
APIs used to be the quiet backstage crew that made apps feel magical. Now attackers have learned the script — they walk onstage, deliver perfectly polite lines, and walk off with the props. In H1 2025 Imperva observed 40,000+ API incidents across 4,000+ monitored environments, including an...
CVE-2022-50347
In the Linux kernel, the following vulnerability has been resolved: mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host(). mmc_add_host() may return error, if we ignore its return value, the memory that allocated in mmc_alloc_host() will be leaked and it will lead a kernel crash because of deleting not...
CVE-2023-53308
In the Linux kernel, the following vulnerability has been resolved: net: fec: Better handle pm_runtime_get() failing in .remove. In the unlikely event that pm_runtime_get() disguised as pm_runtime_resume_and_get() fails, the remove callback returned an error early. The problem with this is that the driver core...
DEBIAN-CVE-2023-53308
In the Linux kernel, the following vulnerability has been resolved: net: fec: Better handle pm_runtime_get() failing in .remove. In the unlikely event that pm_runtime_get() disguised as pm_runtime_resume_and_get() fails, the remove callback returned an error early. The problem with this is that the driver core...