MAL-2026-4470 Malicious code in @zentrix23/baileys (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 00e60d3c1f2afd09e236dc4a5ae0cf2373029e6c62c4f7a9c571b13c2da01cd7 This package is a fork of @whiskeysockets/baileys with an undocumented modification: inside makeNewsletterSocket called unconditionally by...

MAL-2026-1126 Malicious code in @yaoii-bails/socket (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b9d1cc19b4be6f6fb1f29ceb7bedcf05a41ca8135b966956c84c5095c1629126 The package @yaoii-bails/socket was found to contain malicious code. Source: ghsa-malware...

EUVD-2023-36911

Malicious code in bioql PyPI...

CVE-2024-38141

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability...

Updated texlive-20220321 packages fix security vulnerabilities

LuaTeX before 1.17.0 allows a document compiled with the default settings to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

CVE-2023-32668

LuaTeX before 1.17.0 allows a document compiled with the default settings to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

CVE-2023-32668

LuaTeX before 1.17.0 allows a document compiled with the default settings to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

Default configuration

LuaTeX before 1.17.0 allows a document compiled with the default settings to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

UBUNTU-CVE-2023-32668

LuaTeX before 1.17.0 allows a document compiled with the default settings to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

CVE-2023-32668

LuaTeX before 1.17.0 allows a document compiled with the default settings to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

LuaTeX 安全漏洞

LuaTeX is an extended version of pdfTeX from LuaTeX, using Lua as the embedded scripting language. A security vulnerability exists in LuaTeX versions prior to 1.17.0, which stems from enabling the socket library by default...

CVE-2023-32668

LuaTeX before 1.17.0 allows a document compiled with the default settings to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5...

UBUNTU-CVE-2020-36049

socket.io-parser before 3.4.1 allows attackers to cause a denial of service memory consumption via a large packet because a concatenation approach is used...

Debian DSA-4721-1 : ruby2.5 - security update

Several vulnerabilities have been discovered in the interpreter for the Ruby language. - CVE-2020-10663 Jeremy Evans reported an unsafe object creation vulnerability in the json gem bundled with Ruby. When parsing certain JSON documents, the json gem can be coerced into creating arbitrary objects...

[SECURITY] [DSA 4721-1] ruby2.5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4721-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 08, 2020 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4721-1] ruby2.5 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4721-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso July 08, 2020 https://www.debian.org/security/faq -...

openSUSE Security Update : ruby2.5 (openSUSE-2020-586)

This update for ruby2.5 to version 2.5.8 fixes the following issues : - CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON bsc1167244. - CVE-2020-10933: Heap exposure vulnerability in the socket library bsc1168938. This update was imported from the SUSE:SLE-15:Update update project. C...

OPENSUSE-SU-2020:0586-1 Security update for ruby2.5

This update for ruby2.5 to version 2.5.8 fixes the following issues: - CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON bsc1167244. - CVE-2020-10933: Heap exposure vulnerability in the socket library bsc1168938. This update was imported from the SUSE:SLE-15:Update update project...

Security update for ruby2.5 (moderate)

openSUSE Security Update: Security update for ruby2.5 Announcement ID: openSUSE-SU-2020:0586-1 Rating: moderate References: 1167244 1168938 Cross-References: CVE-2020-10663 CVE-2020-10933 Affected Products: openSUSE Leap 15.1 An update that fixes two vulnerabilities is now available. Description:...

SUSE SLED15 / SLES15 Security Update : ruby2.5 (SUSE-SU-2020:0995-1)

This update for ruby2.5 to version 2.5.8 fixes the following issues : CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON bsc1167244. CVE-2020-10933: Heap exposure vulnerability in the socket library bsc1168938. Note that Tenable Network Security has extracted the preceding description...