crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

MAL-2026-1416 Malicious code in twitch-security (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f99261d9b844b178048388c92a488b23fa3bf806bbedbcc40108cb97f0b7087 The package twitch-security was found to contain malicious code. Source: ghsa-malware f46d2713d7df72180db5cb77dcd0cefbbffa8baa5a245e376ab250a84d29fc2...

Malicious code in twitch-security (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4f99261d9b844b178048388c92a488b23fa3bf806bbedbcc40108cb97f0b7087 The package twitch-security was found to contain malicious code. Source: ghsa-malware f46d2713d7df72180db5cb77dcd0cefbbffa8baa5a245e376ab250a84d29fc2...

EUVD-2025-37284

Malicious code in bcp-security-package-update npm...

Malicious code in bcp-security-package-update (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7ab9e582af309b4d91c05179b0b3a9d0532e26d3c7c34b1d80d0b1ad826d71c4 The package bcp-security-package-update was found to contain malicious code. Source: ghsa-malware...

Malicious code in npm-security-check (npm)

The package npm-security-check was found to contain malicious code...

Linux Distros Unpatched Vulnerability : CVE-2023-53007

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: tracing: Make sure traceprintk can output as soon as it can be used Currently traceprintk ca...

MAL-2025-5880 Malicious code in @pmm-ux/asset-uploader (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3d55463889147e38c097882b9f092f80284c39e9abddb7fba65570dc12906d7b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5210 Malicious code in vscode-webview-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3c554272558835d430a639e8f5586c55232eac880a493f0e8228bd4ac5e8d87d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in odin-security1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 2d86b20d8160d57b785f74b9bba211706cb3432a2060da273c1b876e3d2cfa39 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Linux Distros Unpatched Vulnerability : CVE-2021-47415

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: iwlwifi: mvm: Fix possible NULL dereference In iwlmvmremovetimeevent check that 'tedata-vif'...

Linux Distros Unpatched Vulnerability : CVE-2017-17564

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service host OS crash or gain host OS privileges by leveraging incorre...

GHSA-CPM6-FP82-CQ6M vulnerabilities

Vulnerabilities for packages: firefox...

GHSA-6784-35H5-4M72 vulnerabilities

Vulnerabilities for packages: openjdk-25-openj9, openjdk-8-openj9, openjdk-17-openj9, openjdk-11-openj9, openjdk-21-openj9, openjdk-26-openj9...

OPENSUSE-SU-2025:14717-1 owasp-modsecurity-crs-4.10.0-1.1 on GA media

These are all security issues fixed in the owasp-modsecurity-crs-4.10.0-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2024-21219 affecting package mysql for versions less than 8.0.40-1

CVE-2024-21219 affecting package mysql for versions less than 8.0.40-1. An upgraded version of the package is available that resolves this issue...

OPENSUSE-SU-2024:14289-1 element-web-1.11.75-1.1 on GA media

These are all security issues fixed in the element-web-1.11.75-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13192-1 libxml2-2-2.10.4-3.1 on GA media

These are all security issues fixed in the libxml2-2-2.10.4-3.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:10714-1 dex-oidc-2.28.1-1.3 on GA media

These are all security issues fixed in the dex-oidc-2.28.1-1.3 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:10034-1 apache2-mod_security2-2.9.0-5.6 on GA media

These are all security issues fixed in the apache2-modsecurity2-2.9.0-5.6 package on the GA media of openSUSE Tumbleweed...