206 matches found
png -- Out-of-bounds read
https://github.com/pnggroup/libpng/security/advisories/GHSA-9mpm-9pxh-mg4f reports: Prior to 1.6.52, an out-of-bounds read vulnerability in libpng's simplified API allows reading up to 1012 bytes beyond the pngsRGBbase512 array when processing valid palette PNG images with partial transparency an...
osbuild-composer security update
132.2-3.0.1 - Switch to UEKR8 repositories for OL9.6 Orabug: 37962207 - Add support to create OpenScap images JIRA: OLDIS-35301 - Simplify repository names JIRA: OLDIS-35893 - Refactor patches to fix some naming and set a correct kernel for Oracle Linux Orabug: 37253643 - Support using OCI...
EUVD-2017-1624
Malware in sbrugna...
EUVD-2017-1625
Malware in sbrugna...
EUVD-2011-2004
Malware in sbrugna...
EUVD-2016-1094
Malware in sbrugna...
EUVD-2000-0920
Malware in sbrugna...
EUVD-2025-4778
Malicious code in bioql PyPI...
EUVD-2025-24894
Malicious code in bioql PyPI...
Product Walkthrough: How Passwork 7 Addresses Complexity of Enterprise Security
Passwork is positioned as an on-premises unified platform for both password and secrets management, aiming to address the increasing complexity of credential storage and sharing in modern organizations. The platform recently received a major update that reworks all the core mechanics. Passwork 7...
MAL-2025-47318 Malicious code in json-rules-engine-simplified (npm)
The package was compromised and malicious code added. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d3d77ef6c0caa448d46f58d6f7da23e9e7b3ae880920707f9dd730325bfda9f5 Any computer that has this package installed or running should be considered fully compromised. All...
@bubbles-ui/leemons (>=1.0.0 <=1.2.277), @imtf/rjsf-conditionals (=5.0.3) +3 more potentially affected by unknown CVE via json-rules-engine-simplified (>=0.1.17 <=0.2.0)
json-rules-engine-simplified NPM version =0.1.17, =1.0.0, =0.1.0, =0.1.17, =0.1.1, =0.2.3 Source cves: unknown CVE Source advisory: SNYK:JS-JSONRULESENGINESIMPLIFIED-12704864...
Embedded Malicious Code
Overview json-rules-engine-simplified is a simple rules engine expressed in JSON Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including credentia...
CVE-2025-53241
Server-Side Request Forgery SSRF vulnerability in kodeshpa Simplified simplified allows Server Side Request Forgery.This issue affects Simplified: from n/a through = 1.0.11...
CVE-2025-53241
Server-Side Request Forgery SSRF vulnerability in kodeshpa Simplified simplified allows Server Side Request Forgery.This issue affects Simplified: from n/a through = 1.0.11...
CVE-2025-53241
CVE-2025-53241 is a Server-Side Request Forgery (SSRF) affecting the WordPress Simplified plugin, with vulnerable versions listed as n/a through 1.0.9 (and related notes indicating up to 1.0.11 in advisories). The underlying issue is an SSRF vulnerability in Simplified that permits the server to ...
CVE-2025-53241 WordPress Simplified plugin <= 1.0.11 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in kodeshpa Simplified simplified allows Server Side Request Forgery.This issue affects Simplified: from n/a through = 1.0.11...
CVE-2025-53241 WordPress Simplified plugin <= 1.0.11 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in kodeshpa Simplified simplified allows Server Side Request Forgery.This issue affects Simplified: from n/a through = 1.0.11...
WordPress Simplified plugin <= 1.0.11 - Server Side Request Forgery (SSRF) vulnerability
Server Side Request Forgery SSRF vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Simplified versions = 1.0.11...
PT-2025-33369 · Unknown · Kodeshpa Simplified
Name of the Vulnerable Software and Affected Versions: kodeshpa Simplified versions n/a through 1.0.9 Description: A Server-Side Request Forgery SSRF vulnerability exists in kodeshpa Simplified. This issue allows for Server Side Request Forgery. Recommendations: Update kodeshpa Simplified to a...