MAL-2026-2906 Malicious code in swplayer-react-sl (npm)

swplayer-react-sl is a malicious npm package that when imported downloads a C2 dropper from https://coingecko-liard.vercel.app and executes it. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fb25be00997a0e21d0d5337b89729fe6c3a99c9364f8a46d4b2e2a828e845f54 The...

SUSE-SU-2026:20176-1 Security update for elemental-register, elemental-toolkit

This update for elemental-register, elemental-toolkit fixes the following issues: elemental-register was updated to 1.8.1: Changes on top of v1.8.1: Update headers to 2026 Update questions to include SL Micro 6.2 Update to v1.8.1: Install yip config files in before-install step Bump...

Security update for salt

This update for salt fixes the following issues: Security issues fixed: CVE-2025-62349: Added minimumauthversion to enforce security bsc1254257 CVE-2025-62348: Fixed Junos module yaml loader bsc1254256 Backport security fixes for vendored tornado BDSA-2024-3438 BDSA-2024-3439 BDSA-2024-9026 Other...

EUVD-2004-0357

Malware in sbrugna...

EUVD-2016-3415

Malware in sbrugna...

EUVD-2016-3416

Malware in sbrugna...

EUVD-2016-3417

Malware in sbrugna...

EUVD-2004-0356

Malware in sbrugna...

EUVD-2024-40447

Malicious code in bioql PyPI...

com.github.cafaudit:caf-audit-binding-elasticsearch (>=5.0.3-1321 <=5.0.4-1329), com.github.cafaudit:caf-audit-monkey-container (>=5.0.3-1321 <=5.0.4-1329) +78 more potentially affected by CVE-2025-9340 via org.bouncycastle:bc-fips (=2.1.0)

org.bouncycastle:bc-fips MAVEN version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.bouncycastle:bc-fips and may be impacted: - com.github.cafaudit:caf-audit-binding-elasticsearch =5.0.3-1321, =5.0.3-1321, =5.0.3-1321, =5.0.3-1321,...

Malicious code in @zalastax/nolb-_sl- (npm)

The package @zalastax/nolb-sl- was found to contain malicious code...

Malicious code in @zalastax/nolb-node-sl (npm)

The package @zalastax/nolb-node-sl was found to contain malicious code...

Malicious code in @zalastax/nolb-react-sl (npm)

The package @zalastax/nolb-react-sl was found to contain malicious code...

Malicious code in sl-em7-gql (npm)

The package sl-em7-gql was found to contain malicious code...

MAL-2025-13767 Malicious code in @zalastax/nolb-react-sl (npm)

The package @zalastax/nolb-react-sl was found to contain malicious code...

MAL-2025-33400 Malicious code in sl-em7-gql (npm)

The package sl-em7-gql was found to contain malicious code...

CVE-2023-51948

A Site-wide directory listing vulnerability in /fm in actidata actiNAS SL 2U-8 RDX 3.2.03-SP1 allows remote attackers to list the files hosted by the web application...

Security update for pcr-oracle, shim

This update for pcr-oracle, shim fixes the following issues: pcr-oracle: predict SbatLevelRT for the next boot bsc1230316 shim was updated to version 15.8: Update shim-install to use the 'removable' way for encrypted SL-Micro images bsc1230316 Always use the removable way for SL-Micro Limit the...

SUSE-SU-2025:20136-1 Security update for pcr-oracle, shim

This update for pcr-oracle, shim fixes the following issues: pcr-oracle: - predict SbatLevelRT for the next boot bsc1230316 shim was updated to version 15.8: - Update shim-install to use the 'removable' way for encrypted SL-Micro images bsc1230316 Always use the removable way for SL-Micro Limit t...

CVE-2024-49504

CVE-2024-49504 is referenced in multiple security advisories for grub2 (GRUB2) across EulerOS and Tencent/TencentOS Server ecosystems. The linked Nessus/OPENVAS entries identify that “grub2 allowed attackers with access to the grub shell to access files on the encrypted disks,” indicating a vulne...