485 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-49133
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdkfd: svm range restore work deadlock when process exit kfdprocessnotifierrelease flush svmrangerestorework which calls svmrangelistlockandflushwork to...
Linux Distros Unpatched Vulnerability : CVE-2020-14344
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow leading to a heap-buffer overflow was found in The X Input Method XIM client was implemented in libX11 before version 1.6.10. As per upstrea...
Linux Distros Unpatched Vulnerability : CVE-2016-8743
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers...
Malicious code in linkedin-test (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2022-49583
In the Linux kernel, the following vulnerability has been resolved: iavf: Fix handling of dummy receive descriptors Fix memory leak caused by not handling dummy receive descriptor properly. iavfgetrxbuffer now sets the rxbuffer return value for dummy receive descriptors. Without this patch, when...
CVE-2025-1230
creationtimestamp| type| source ---|---|--- 2025-02-12 10:45:02+00:00| seen| https://infosec.exchange/users/cve/statuses/113990507036695974 2025-02-12 11:15:47+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhy2c4y3xx2x 2025-02-12 14:20:29+00:00| seen|...
ChatGPT Finds XSS IN DeepSeek AI Python Code
ChatGPT finds cross site scripting issues with DeepSeek code examples. Let the AI fights begin! Summary: On 2025-02-09 ChatGPT AI found "security concern" XSS in DeepSeek's AI python code. Background: Consider the simple coding question Q: Write Python CGI which takes as an argument NAME and...
CVE-2024-29800
Deserialization of Untrusted Data vulnerability in Timber Team & Contributors Timber.This issue affects Timber: from n/a through 1.23.0...
CVE-2024-56962
creationtimestamp| type| source ---|---|--- 2025-01-27 19:16:09+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgqnoe4pmp2b 2025-01-27 19:34:28+00:00| seen| https://infosec.exchange/users/cve/statuses/113901991861032466 2025-01-27 21:52:19+00:00| seen|...
GHSA-6PFC-W86R-54Q6 Welcome and About GeoServer pages communicate version and revision information
Impact The welcome and about page includes version and revision information about the software in use including library and components used. This information is sensitive from a security point of view because it allows software used by the server to be easily identified. Proof of Concept 1. Welco...
CVE-2024-51772
creationtimestamp| type| source ---|---|--- 2024-12-03 20:18:42+00:00| seen| https://infosec.exchange/users/cve/statuses/113590738748153208 2024-12-03 23:11:18+00:00| seen| https://t.me/cvedetector/11915...
Ubuntu 16.04 LTS / 18.04 LTS : Ansible regression (USN-6846-2)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6846-2 advisory. USN-6846-1 fixed vulnerabilities in ansible. The update introduced a regression in ansible. This update fixes the problem. We apologize for the...
Malicious code in aggregate-rose-booby (npm)
--- -= Per source details. Do not edit below this line.=-...
Exploit for Code Injection in Mjml Mjml_App
MJML Local Code Execution PoC A Proof-Of-Concept for CVE-2024...
BELL-CVE-2023-52909
Bulletin has no description...
Malicious code in opengrep (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 8de001a262d51e9750f84bfa2f6d30f5798aca9d0614b5feb95215ed1ced0507 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
PT-2024-40939 · Crates.Io · Cggmp21
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue concerns challenge derivation in non-interactive Zero-Knowledge ZK proofs, which was ambiguous and could potentially lead to a security issue. However, it is unknown if this...
Malicious code in rbi-central (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2bb07bca061430ae301e13266324e7a35259de896d45c642b3548617d06a1e35 --- Credit: OpenSSF source...
MAL-2024-6412 Malicious code in active-model_serializers-hash_wrapper (RubyGems)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3973ce8df75b01b4152f76358d040cc48b1c9c6a18425c4639e20ab04b66466f --- Credit: OpenSSF source...
Malicious code in testepassword-generate (PyPI)
--- -= Per source details. Do not edit below this line.=-...