1412 matches found
Malicious code in nsemea-sample-parenttransaction-lib-poc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a41c3f9782e1fb062bef2307e7300491d25460f761f7e9da305bc92e541c850 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
SILENT: a New Lens on Statistics in Software Timing Side Channels
Cryptographic research takes software timing side channels seriously. Approaches to mitigate them include constant-time coding and techniques to enforce such practices. However, recent attacks like Meltdown [42], Spectre [37], and Hertzbleed [70] have challenged our understanding of what it means for...
ECG Identity Authentication in Open-Set with Multi-Model Pretraining and Self-Constraint Center and Irrelevant Sample Repulsion Learning
Electrocardiogram (ECG) signal exhibits inherent uniqueness, making it a promising biometric modality for identity authentication. As a result, ECG authentication has gained increasing attention in recent years. However, most existing methods focus primarily on improving authentication accuracy...
From Randomized Response to Randomized Index: Answering Subset Counting Queries with Local Differential Privacy
Local Differential Privacy (LDP) is the predominant privacy model for safeguarding individual data privacy. Existing perturbation mechanisms typically require perturbing the original values to ensure acceptable privacy, which inevitably results in value distortion and utility deterioration. In this...
Malicious code in @sporta-technology/sample-npm-package (npm)
--- -= Per source details. Do not edit below this line.=-...
Security update for haproxy
This update for haproxy fixes the following issues: CVE-2025-32464: Fixed heap-based buffer overflow in sample_conv_regsub (bsc#1240971). Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run th...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a race condition in panthor when collecting samples from the fdinfo group, which could lead to reuse after...
GHSA-QC59-CXJ2-C2W4 aws-cdk-lib's aspect order change causes different Permissions Boundary assigned to Role
Summary: The AWS Cloud Development Kit (AWS CDK) is an open-source software development framework for defining cloud infrastructure in code and provisioning it through AWS CloudFormation. In the CDK, developers organize their applications into reusable components called "constructs," which are...
CLSA-2025-1744710425 Fix CVE(s): CVE-2024-5594
SECURITY UPDATE: Improper PUSH_REPLY sanitization allows attackers to inject arbitrary data into third-party executables - debian/patches/CVE-2024-5594.patch: Properly handle null bytes and invalid characters in control - CVE-2024-5594 UPDATE CERTIFICATES: Renew sample keys -...
Exploit for Improper Check for Unusual or Exceptional Conditions in Mozilla Firefox
🚨 CVE-2024-4367: Arbitrary JavaScript Execution in PDF.js Thi...
DEBIAN-CVE-2025-32464
HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one...
UBUNTU-CVE-2025-32464
HAProxy 2.2 through 3.1.6, in certain uncommon configurations, has a sample_conv_regsub heap-based buffer overflow because of mishandling of the replacement of multiple short patterns with a longer one...
CVE-2025-29482
Buffer Overflow vulnerability in libheif 1.19.7 allows a local attacker to execute arbitrary code via the SAO (Sample Adaptive Offset) processing of libde265...
DEBIAN-CVE-2025-29482
Buffer Overflow vulnerability in libheif 1.19.7 allows a local attacker to execute arbitrary code via the SAO (Sample Adaptive Offset) processing of libde265...
libheif security vulnerability
libheif is an ISO/IEC 23008-12:2017 HEIF file format decoder and encoder from struktur open source. A security vulnerability exists in libheif version 1.19.7, which originates from the ability of a local attacker to execute arbitrary code via SAO processing resulting in a buffer overflow...
PT-2025-15284 · Libheif +3 · Libheif +3
Name of the Vulnerable Software and Affected Versions: libheif version 1.19.7. Description: The issue allows a local attacker to execute arbitrary code via the SAO (Sample Adaptive Offset) processing of libde265. This is a Buffer Overflow vulnerability. Recommendations: For libheif version 1.19.7,...
Exploit for CVE-2025-29927
CVE-2025-29927 - Next.js Middleware Authorization Bypass PoC...
CLSA-2025-1742577500 Fix CVE(s): CVE-2017-12166
SECURITY UPDATE: Possible inject of arbitrary data into third-party executables or plug-ins - debian/patches/CVE-2017-12166.patch: Fix an out-of-bounds issue preventing potential stack overflow - CVE-2017-12166 UPDATE CERTIFICATES: Renew sample keys - debian/patches/sample-keys-renew.patch: Renew...
PT-2025-12191 · Mintplex · Anything-Llm
Name of the Vulnerable Software and Affected Versions: mintplex-labs/anything-llm version 1d9452da2b92. Description: A denial of service issue arises when uploading an audio file with a very low sample rate, causing the site instance to crash. This occurs due to the localWhisper implementation,...