201 matches found
EUVD-2025-140964
Malicious code in kapvino-sof-vais npm...
Malicious code in kapvino-sof-vaids (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 993cd77bda3fed27d22b840d37fc7fe4d0a36a6dc8d99b3bee23673e850ae6fb This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-140968
Malicious code in kapvino-sof-fidbi npm...
MAL-2025-175301 Malicious code in kapvino-sof-vas (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d22d0f08eee05b41c5123e15694885a807316cda4c4c6d5ef97665602ab3f261 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-140965
Malicious code in kapvino-sof-vaids npm...
Malicious code in kapvino-sof-fidaobi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 387be7dd9317b10c3aff2b7b9061ba36564408eb2af23f94d84cd6a59a9efb13 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in kapvino-sof-fidaabi (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 642d1cd66002ad67c50bdc75a06e70cd2e163e4add1d4dd1f5b32fc84467be59 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-140967
Malicious code in kapvino-sof-fidobi npm...
EUVD-2025-140966
Malicious code in kapvino-sof-vaidas npm...
CVE-2025-40132
CVE-2025-40132 (Linux kernel, ASoC Intel sof_sdw) : The issue arises in create_sdw_dailink() when calling add_sidecar callbacks on links that may contain codecs without an add_sidecar callback. The patch adds a NULL check for sof_end->codec_info->add_sidecar before invocation to prevent der...
Linux Distros Unpatched Vulnerability : CVE-2025-40132
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: Intel: sofsdw: Prevent jump to NULL addsidecar callback In createsdwdailink check that sofend-codecinfo-addsidecar is not NULL before calling it. The...
kernel: ASoC: SOF: Intel: hda: Use devm_kstrdup() to avoid memleak.
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Use devmkstrdup to avoid memleak. sofpdata-tplgfilename can have address allocated by kstrdup and can be overwritten. Memory leak was detected with kmemleak: unreferenced object 0xffff88812391ff60 size 16:...
kernel: ASoC: SOF: Intel: hda: Use devm_kstrdup() to avoid memleak.
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Use devmkstrdup to avoid memleak. sofpdata-tplgfilename can have address allocated by kstrdup and can be overwritten. Memory leak was detected with kmemleak: unreferenced object 0xffff88812391ff60 size 16:...
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Use devmkstrdup to avoid memleak. sofpdata-tplgfilename can have address allocated by kstrdup and can be overwritten. Memory leak was detected with kmemleak: unreferenced object 0xffff88812391ff60 size 16:...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987603)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987603 advisory. In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: Fix NULL ptr dereference when ENOMEM Do not call snddmafreepages when...
EUVD-2022-55322
Malicious code in bioql PyPI...
EUVD-2025-18597
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-50305
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ASoC: sofes8336: fix possible use- after-free in sofes8336remove sofes8336remove calls...
SUSE CVE-2022-50305
In the Linux kernel, the following vulnerability has been resolved: ASoC: sofes8336: fix possible use-after-free in sofes8336remove sofes8336remove calls canceldelayedwork. However, that function does not wait until the work function finishes. This means that the callback function may still be...
CVE-2022-50305
In the Linux kernel, the following vulnerability has been resolved: ASoC: sofes8336: fix possible use-after-free in sofes8336remove sofes8336remove calls canceldelayedwork. However, that function does not wait until the work function finishes. This means that the callback function may still be...