530 matches found
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011236)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011236 advisory. In the Linux kernel, the following vulnerability has been resolved: Input: imxsckey - fix memory corruption on unload This is supposed to be priv but we accidentally...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012991)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012991 advisory. In the Linux kernel, the following vulnerability has been resolved: Input: imxsckey - fix memory corruption on unload This is supposed to be priv but we accidentally...
Malicious Package
Overview pt-sc-demo-app is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in pt-sc-demo-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08bb315a7617ec23d04aeb4d4518c1539efbeef21894d42401af06f0ec36fdb6 The package pt-sc-demo-app was found to contain malicious code. Source: ghsa-malware 755b0ca70d35b05cdaa098b0bd7a331c5f40f35f8d5bb0dcf56333ce7acce6e0...
MAL-2026-2567 Malicious code in pt-sc-demo-app (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 08bb315a7617ec23d04aeb4d4518c1539efbeef21894d42401af06f0ec36fdb6 The package pt-sc-demo-app was found to contain malicious code. Source: ghsa-malware 755b0ca70d35b05cdaa098b0bd7a331c5f40f35f8d5bb0dcf56333ce7acce6e0...
Malicious code in pt-sc-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 925a5c001d049ecefbe72bc5ba4090904c882bf13b6f97493387fe3ed04a661f The package pt-sc-logger was found to contain malicious code. Source: ghsa-malware deaf63bd8a081fcc49f46fdb9b4300abef500b33eba7034bbd8de142a60db3cd A...
MAL-2026-2568 Malicious code in pt-sc-logger (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 925a5c001d049ecefbe72bc5ba4090904c882bf13b6f97493387fe3ed04a661f The package pt-sc-logger was found to contain malicious code. Source: ghsa-malware deaf63bd8a081fcc49f46fdb9b4300abef500b33eba7034bbd8de142a60db3cd A...
Trane Tracer SC, Tracer SC+, and Tracer Concierge Use of a Broken or Risky Cryptographic Algorithm (CVE-2026-28252)
A Use of a Broken or Risky Cryptographic Algorithm vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to bypass authentication and gain root-level access to the device. This plugin only works with Tenable.ot. Please visit...
Trane Tracer SC, Tracer SC+, and Tracer Concierge Use of Hard-Coded, Security-Relevant Constants (CVE-2026-28256)
A Use of Hard-coded, Security-relevant Constants vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to disclose sensitive information and take over accounts. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot fo...
Trane Tracer SC, Tracer SC+, and Tracer Concierge Use of Hard-Coded Credentials (CVE-2026-28255)
A Use of Hard-coded Credentials vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to disclose sensitive information and take over accounts. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more informatio...
Trane Tracer SC, Tracer SC+, and Tracer Concierge Memory Allocation with Excessive Size Value (CVE-2026-28253)
A Memory Allocation with Excessive Size Value vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an unauthenticated attacker to cause a denial-of-service condition This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
Trane Tracer SC, Tracer SC+, and Tracer Concierge Missing Authorization (CVE-2026-28254)
A Missing Authorization vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an unauthenticated attacker to access sensitive information through unprotected APIs. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
ShieldNet: Network-Level Guardrails against Emerging Supply-Chain Injections in Agentic Systems
Existing research on LLM agent security mainly focuses on prompt injection and unsafe input/output behaviors. However, as agents increasingly rely on third-party tools and MCP servers, a new class of supply-chain threats has emerged, where malicious behaviors are embedded in seemingly benign tool...
CVE-2025-49010 OpenSC: Stack-buffer-overflow WRITE in GET RESPONSE
OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, an attacker with physical access to the computer at the time user or administrator uses a token can cause a stack-buffer-overflow write in GET RESPONSE. The attack requires crafted USB device or smart card that wou...
CVE-2018-25222
SC v7.16 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft malicious input strings exceeding 1052 bytes to overwrite the instruction pointer and execute...
SC 缓冲区错误漏洞
SC is a software developed by SC OpenSource. Version 7.16 of SC contains a buffer overflow vulnerability, which stems from a stack buffer overflow. This vulnerability could allow local attackers to execute arbitrary code...
CVE-2026-28254
A Missing Authorization vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an unauthenticated attacker to access sensitive information through unprotected APIs...
CVE-2026-28255
A Use of Hard-coded Credentials vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an attacker to disclose sensitive information and take over accounts...
CVE-2026-28253
A Memory Allocation with Excessive Size Value vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an unauthenticated attacker to cause a denial-of-service condition...
Trane Tracer SC / SC+ Devices Detection Consolidation
Consolidation of Trane Tracer SC / SC+ Devices detections. SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...