7921 matches found
MAL-2026-1988 Malicious code in dataflux-pytorch (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 486e56ad4de2a59b9c8890d854505075b556ca6920be97f850a14c7d648f7f3b Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in mcp-transport-proto (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 a40306e4035df29c739d5073ccb341685275d5cebba588b7014898229752e11f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in cloud-datasets (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7cbbef34e9c8a9e6db79ffb59dde86dafe9734166f201aae8a5d1837ac262fc0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-1986 Malicious code in cloud-datasets (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 7cbbef34e9c8a9e6db79ffb59dde86dafe9734166f201aae8a5d1837ac262fc0 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
MAL-2026-1985 Malicious code in azure-eventhub-checkpointstoretable (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e41a629242e28270fbee568718ddef63da1e359ad5a5a1401ed85c48ef870d73 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
Malicious code in azure-eventhub-checkpointstoretable (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 e41a629242e28270fbee568718ddef63da1e359ad5a5a1401ed85c48ef870d73 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...
WordPress KiviCare plugin <= 4.1.2 - Missing Authorization to Unauthenticated Privilege Escalation via Setup Wizard vulnerability
Missing Authorization to Unauthenticated Privilege Escalation via Setup Wizard vulnerability discovered by WordFence in WordPress Plugin KiviCare versions = 4.1.2...
EUVD-2026-13611
In the Linux kernel, the following vulnerability has been resolved: iouring: ensure ctx-rings is stable for task work flags manipulation If DEFERTASKRUN | SETUPTASKRUN is used and task work is added while the ring is being resized, it's possible for the OR'ing of IORINGSQTASKRUN to happen in the...
EUVD-2026-13600
A vulnerability was determined in Yi Technology YI Home Camera 2 2.1.120171024151200. This affects an unknown function of the component WPA/WPS. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack can only be done within the local network. This attack is...
CVE-2026-23275
In the Linux kernel, the following vulnerability has been resolved: iouring: ensure ctx-rings is stable for task work flags manipulation If DEFERTASKRUN | SETUPTASKRUN is used and task work is added while the ring is being resized, it's possible for the OR'ing of IORINGSQTASKRUN to happen in the...
CVE-2026-23275
CVE-2026-23275 (Linux kernel, io_uring): The issue arises when DEFER_TASKRUN | SETUP_TASKRUN are used and task work is added while the ring is resized, allowing an overlap window where IORING_SQ_TASKRUN could be OR’ed on the old/new rings during swapping. The fix adds a 2nd rings pointer, →rings_...
CVE-2026-23275
In the Linux kernel, the following vulnerability has been resolved: iouring: ensure ctx-rings is stable for task work flags manipulation If DEFERTASKRUN | SETUPTASKRUN is used and task work is added while the ring is being resized, it's possible for the OR'ing of IORINGSQTASKRUN to happen in the...
CVE-2025-67115
A path traversal vulnerability in /ftl/web/setup.cgi in Small Cell Sercomm SCE4255W FreedomFi Englewood firmware before DG3934v3@2308041842 allows remote authenticated users to read arbitrary files from the filesystem via crafted values in the logtype parameter to /logsave.htm...
CVE-2023-43010
A flaw was found in WebKitGTK. Processing malicious web content can cause memory corruption due to improper memory handling. Mitigation Do not process or load untrusted web content with WebKitGTK. In Red Hat Enterprise Linux 7, the following packages require WebKitGTK4: evolution-data-server,...
SUSE CVE-2026-23254
In the Linux kernel, the following vulnerability has been resolved: net: gro: fix outer network offset The udp GRO complete stage assumes that all the packets inserted the RX have the encapsulation flag zeroed. Such assumption is not true, as a few H/W NICs can set such flag when H/W offloading t...
SUSE CVE-2026-23256
In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in VF setupnicdevices cleanup In setupnicdevices, the initialization loop jumps to the label setupnicdevfree on failure. The current cleanup loop whilei-- skip the failing index i, causing a...
SUSE CVE-2026-23257
In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in PF setupnicdevices cleanup In setupnicdevices, the initialization loop jumps to the label setupnicdevfree on failure. The current cleanup loop whilei-- skip the failing index i, causing a...
SUSE CVE-2026-23258
In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Initialize netdev pointer before queue setup In setupnicdevices, the netdev is allocated using allocetherdevmq. However, the pointer to this structure is stored in oct-propsi.netdev only after the calls to...
Sercomm SCE4255W 安全漏洞
Sercomm SCE4255W is a broadband gateway device produced by Sercomm in Taiwan, China. Previous versions of Sercomm SCE4255W DG3934v3@2308041842 had security vulnerabilities. These vulnerabilities stemmed from path traversal vulnerabilities in the /ftl/web/setup.cgi file, which could allow...
Exploit for Deserialization of Untrusted Data in Apache Activemq
Security Engineer — Test Task A self-contained Docker environ...