Denial Of Service (DoS)

OpenEXR is vulnerable to Denial Of Service DoS. The vulnerability is due to a NULL pointer dereference due to improper handling of deep scanline images with large sample counts in reduceMemory mode...

CVE-2025-55286 z2d OOB drawing with new multi-sample anti-aliasing could lead to invalid memory access and corruption

z2d is a pure Zig 2D graphics library. z2d v0.7.0 released with a new multi-sample anti-aliasing MSAA method, which uses a new buffering mechanism for storing coverage data. This differs from the standard alpha mask surface used for the previous super-sample anti-aliasing SSAA method. Under certa...

Linux Distros Unpatched Vulnerability : CVE-2025-38424

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - perf: Fix sample vs doexit Baisheng Gao reported an ARM64 crash, which Mark decoded as being a synchronous external abort -- most likely due to trying to access...

Malicious code in developer-portal-sample-app (npm)

The package developer-portal-sample-app was found to contain malicious code...

Malicious code in @tiktok-frontend/api-demo-sample-lib2 (npm)

The package @tiktok-frontend/api-demo-sample-lib2 was found to contain malicious code...

Malicious code in kakfa-service-interface-sample (npm)

The package kakfa-service-interface-sample was found to contain malicious code...

Malicious code in org.eclipse.n4js.sample.utils (npm)

The package org.eclipse.n4js.sample.utils was found to contain malicious code...

MAL-2025-24163 Malicious code in kakfa-service-interface-sample (npm)

The package kakfa-service-interface-sample was found to contain malicious code...

MAL-2025-18352 Malicious code in developer-portal-sample-app (npm)

The package developer-portal-sample-app was found to contain malicious code...

MAL-2025-28234 Malicious code in one-to-one-sample (npm)

The package one-to-one-sample was found to contain malicious code...

PostgreSQL 安全漏洞

PostgreSQL is a free object-relational database management system from the PostgreSQL organization. The system supports most of the SQL standards and provides many other features such as foreign keys, triggers, views, and more. A security vulnerability exists in PostgreSQL versions 17.6, 16.10,...

Linux Distros Unpatched Vulnerability : CVE-2021-46971

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix unconditional securitylockeddown call Currently, the lockdown state is querie...

Malicious code in singlestore-avro-sample (npm)

The package communicates with a domain associated with malicious activity...

MAL-2025-6856 Malicious code in singlestore-avro-sample (npm)

The package communicates with a domain associated with malicious activity...

Malicious code in sendbird-uikit-sample-cli (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

MAL-2025-6853 Malicious code in sendbird-uikit-sample-cli (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

OESA-2025-1962 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: perf: Fix sample vs doexit Baisheng Gao reported an ARM64 crash, which Mark decoded as being a synchronous external abort -- most likely due to trying to access...

perf: Fix sample vs do_exit()

...

Non-Omniscient Backdoor Injection with a Single Poison Sample: Proving the One-Poison Hypothesis for Linear Regression and Linear Classification

Backdoor injection attacks are a threat to machine learning models that are trained on large data collected from untrusted sources; these attacks enable attackers to inject malicious behavior into the model that can be triggered by specially crafted inputs. Prior work has established bounds on th...

SUSE CVE-2025-38424

In the Linux kernel, the following vulnerability has been resolved: perf: Fix sample vs doexit Baisheng Gao reported an ARM64 crash, which Mark decoded as being a synchronous external abort -- most likely due to trying to access MMIO in bad ways. The crash further shows perf trying to do a user...