MAL-2024-1819 Malicious code in @mosfe/beam-plugin-s3plus (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-3134 Malicious code in toolbox-pkg-components (npm)

False positive caused by problematic ingestion. --- -= Per source details. Do not edit below this line.=-...

MAL-2024-1755 Malicious code in @maia-web/angular (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-2788 Malicious code in @ks-radar/olap-auth (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-2757 Malicious code in ngx-iceberg-links (npm)

False positive caused by problematic ingestion. --- -= Per source details. Do not edit below this line.=-...

MAL-2024-2411 Malicious code in @husky-x/gatsby-theme-husky (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-2315 Malicious code in @hkbn/es-header-footer (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-1803 Malicious code in @golden-stack/babel-web (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-3841 Malicious code in @expue/vue3-renderer (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-3840 Malicious code in @expue/vue3-helper (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-7071 Malicious code in @corp-njord/core (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-1856 Malicious code in @caesars-digital/caesars-ui (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-1980 Malicious code in @b2bgeo/ci-github (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-2283 Malicious code in efx-angular-components (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2024-2394 Malicious code in front-locales (npm)

False positive caused by problematic ingestion. --- -= Per source details. Do not edit below this line.=-...

New Cyberthreat 'Boolka' Deploying BMANAGER Trojan via SQLi Attacks

A previously undocumented threat actor dubbed Boolka has been observed compromising websites with malicious scripts to deliver a modular trojan codenamed BMANAGER. "The threat actor behind this campaign has been carrying out opportunistic SQL injection attacks against websites in various countrie...

Multiple WordPress Plugins Compromised: Hackers Create Rogue Admin Accounts

Multiple WordPress plugins have been backdoored to inject malicious code that makes it possible to create rogue administrator accounts with the aim of performing arbitrary actions. "The injected malware attempts to create a new administrative user account and then sends those details back to the...

CVE-2021-47595

CVE-2021-47595 affects the Linux kernel net/sched sch_ets. The vulnerability arises when the ETS qdisc changes (ets_qdisc_change) cause list_del corruption, leading to kernel BUG checks (invalid opcode in list_debug.c) and a system crash. The provided traces show the crash occurs in ets_qdisc_cha...

CVE-2024-38604

In the Linux kernel, the following vulnerability has been resolved: block: refine the EOF check in blkdeviomapbegin blkdeviomapbegin rounds down the offset to the logical block size before stashing it in iomap-offset and checking that it still is inside the inode size. Check the isize check to th...

GHSA-GMRM-8FX4-66X7 vulnerabilities

Vulnerabilities for packages: keycloak, keycloak-operator...