Jakarta Tomcat 3.1 and 3.0 - Information Disclosure

Jakarta Tomcat 3.1 and 3.0 under Apache contain a vulnerability in the Snoop servlet that reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension, exploit requires remote access. id: CVE-2000-0760 info: name: Jakarta Tomcat 3.1 and 3.0 -...

PT-2026-42542

Concrete CMS 9.5.0 and below is vulnerable to Stored XSS via OAuth integration name. The OAuth authorize template renders the integration name admin-controlled through Concrete's t translation helper as a sprintf-style format. The ... wrap is built by PHP string interpolation before t runs, so th...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: Add a NULL check in aspeedlpcenablesnoop. devmkasprintf returns NULL when memory allocation fails. Currently, aspeedlpcenablesnoop does not check for this case, which results in a NULL pointer being dereferenced. Add...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: soc: aspeed: lpc-snoop: Do not disable channels that are not enabled. The following issues have been mitigated: echo 1e789080.lpc-snoop /sys/bus/platform/drivers/aspeed-lpc-snoop/unbind ... 120.363594 Unable to handle kernel...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38145)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38145 advisory. - In the Linux kernel, the following vulnerability has been resolved: soc: aspeed: Add NULL check in...

MiracleLinux 4 : wireshark-1.2.15-2.AXS4.1 (AXSA:2012-539:02)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2012-539:02 advisory. Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library,...

EUVD-2025-36470

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Disallow dirty tracking if incoherent page walk Dirty page tracking relies on the IOMMU atomically updating the dirty bit in the paging-structure entry. For this operation to succeed, the paging- structure memory must...

CVE-2025-40058

CVE-2025-40058 is a Linux kernel vulnerability affecting the iommu/vt-d path. The issue arises when the IOMMU page walk is incoherent, causing dirty page tracking to fail because the IOMMU and CPU cannot atomically update the dirty bit in the paging-structure entry. The mitigation described in th...

EUVD-2009-0602

Malware in sbrugna...

EUVD-2003-0467

Malware in sbrugna...

EUVD-2012-2164

Malware in sbrugna...

EUVD-1999-0954

Malware in sbrugna...

EUVD-1999-0955

Malware in sbrugna...

EUVD-2025-22876

Malicious code in bioql PyPI...

[SECURITY] Fedora 43 Update: tcpreplay-4.5.2-1.fc43

Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay supports pcap tcpdump and snoop capture formats. Also included, is tcpprep a tool to pre-process capture files to allow increased performance under certain conditions as well as capinfo which provides basic information...

[SECURITY] Fedora 41 Update: tcpreplay-4.5.2-1.fc41

Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay supports pcap tcpdump and snoop capture formats. Also included, is tcpprep a tool to pre-process capture files to allow increased performance under certain conditions as well as capinfo which provides basic information...

[SECURITY] Fedora 42 Update: tcpreplay-4.5.2-1.fc42

Tcpreplay is a tool to replay captured network traffic. Currently, tcpreplay supports pcap tcpdump and snoop capture formats. Also included, is tcpprep a tool to pre-process capture files to allow increased performance under certain conditions as well as capinfo which provides basic information...

soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled

...

Linux Distros Unpatched Vulnerability : CVE-2025-38487

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - soc: aspeed: lpc-snoop: Don't disable channels that aren't enabled Mitigate e.g. the following: echo 1e789080.lpc-snoop...

Malicious code in @malware-test-snoop-spalt-sorbo-yrivd/test-mlw3-snoop-spalt-sorbo-yrivd (npm)

The package @malware-test-snoop-spalt-sorbo-yrivd/test-mlw3-snoop-spalt-sorbo-yrivd was found to contain malicious code...