Lucene search
K

16 matches found

OSV
OSV
added last week5 views

MAL-2026-6468 Malicious code in ts-opus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73b0105b34723dd6e1449c3353d1d4df0dcf94ae460a4dfd156566bb4ba372c7 ts-opus 0.0.8 ships an unmodified copy of MikeMcl/big.js README, copyright, and repository URL all reference big.js but injects an additional top-lev...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added last week7 views

Malicious code in ts-opus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 73b0105b34723dd6e1449c3353d1d4df0dcf94ae460a4dfd156566bb4ba372c7 ts-opus 0.0.8 ships an unmodified copy of MikeMcl/big.js README, copyright, and repository URL all reference big.js but injects an additional top-lev...

6AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 2:24 p.m.9 views

Malicious code in new-mjs-eslint (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b4ae24b182a00059424b8ea4800927bbbf662f0e6bf20264af611d37203a3f2e Package is published under the unrelated name 'new-mjs-eslint' but ships a verbatim copy of the big.js decimal-arithmetic library original...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/19 5:20 a.m.8 views

Malicious code in new-ecro-1 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0c4e172aa83f2b8742fb014ea649490c87815573cab692ea74eb402ee23f935c Package new-ecro-1 impersonates the legitimate big.js library by shipping its source verbatim banner, license, and homepage pointing at MikeMcl/big.j...

5.8AI score
Exploits0References3
EUVD
EUVD
added 2026/04/22 7:54 p.m.4 views

EUVD-2026-24576

free5GC AMF: Missing default case in Content-Type switch in HTTPUEContextTransfer...

6.9CVSS5.7AI score0.00282EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 3:1 a.m.5 views

CVE-2023-1768

Inappropriate error handling in Tribe29 Checkmk = 2.1.0p25, = 2.0.0p34, = 2.2.0b3 beta, and all versions of Checkmk 1.6.0 causes the symmetric encryption of agent data to fail silently and transmit the data in plaintext in certain configurations...

5.3CVSS6.9AI score0.00913EPSS
Exploits0References1
OSV
OSV
added 2025/04/16 3:15 p.m.1 views

DEBIAN-CVE-2025-22031

In the Linux kernel, the following vulnerability has been resolved: PCI/bwctrl: Fix NULL pointer dereference on bus number exhaustion When BIOS neglects to assign bus numbers to PCI bridges, the kernel attempts to correct that during PCI device enumeration. If it runs out of bus numbers, no pcibu...

5.5CVSS6.4AI score0.00208EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/08/20 12:0 a.m.19 views

EulerOS Virtualization 2.11.0 : curl (EulerOS-SA-2024-2189)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the...

8.6CVSS6.9AI score0.36081EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2024/08/20 12:0 a.m.10 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2134)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS7.5AI score0.36081EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/07/22 12:0 a.m.19 views

EulerOS 2.0 SP8 : curl (EulerOS-SA-2024-2022)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowe...

8.6CVSS6.7AI score0.36081EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2024/07/15 12:0 a.m.21 views

EulerOS 2.0 SP10 : curl (EulerOS-SA-2024-1878)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowe...

8.6CVSS6.9AI score0.36081EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2024/03/29 3:30 a.m.3 views

SUSE CVE-2024-2398

When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit 1000, libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead lea...

6.5CVSS7.6AI score0.36081EPSS
Exploits1References9
OSV
OSV
added 2024/03/27 8:15 a.m.1 views

DEBIAN-CVE-2024-2398

When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit 1000, libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead lea...

8.6CVSS7.1AI score0.36081EPSS
Exploits1References1
OSV
OSV
added 2024/03/27 8:15 a.m.1 views

ALPINE-CVE-2024-2398

When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit 1000, libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead lea...

8.6CVSS6.9AI score0.36081EPSS
Exploits1References1
OSV
OSV
added 2024/03/27 8:15 a.m.8 views

AZL-37069 CVE-2024-2398 affecting package cmake for versions less than 3.21.4-14

When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit 1000, libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead lea...

8.6CVSS6.7AI score0.36081EPSS
Exploits1References1
OSV
OSV
added 2024/03/27 7:0 a.m.5 views

UBUNTU-CVE-2024-2398

When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit 1000, libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead lea...

8.6CVSS6.9AI score0.36081EPSS
Exploits1References6
Rows per page
Query Builder