EUVD-2025-3600

Malicious code in bioql PyPI...

EUVD-2025-5059

Malicious code in bioql PyPI...

EUVD-2025-23041

Malicious code in bioql PyPI...

EUVD-2022-52758

Malicious code in bioql PyPI...

EUVD-2025-8849

Malicious code in bioql PyPI...

EUVD-2024-22480

Malicious code in bioql PyPI...

EUVD-2025-29434

Malicious code in bioql PyPI...

EUVD-2025-7730

Malicious code in bioql PyPI...

EUVD-2025-8853

Malicious code in bioql PyPI...

EUVD-2025-8852

Malicious code in bioql PyPI...

.NET 9.0 security update

An update is available for dotnet9.0. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list .NET is a managed-software framework. It implements a subset of the .NET...

RLSA-2025:8816 Important: .NET 9.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 9.0.107 and .NET Runtime 9.0.6.Securi...

MAL-2025-47574 Malicious code in @discord-external/activity-iframe-sdk (npm)

The package @discord-external/activity-iframe-sdk was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: google-open-source-security c4df7af2ceae80fdc052edf95094a378287786ae21cfec9a6104a2af2b1d9b98 This package installs a dependency hosted on a cust...

CVE-2025-57324

parse is a package designed to parse JavaScript SDK. A Prototype Pollution vulnerability in the SingleInstanceStateController.initializeState function of parse version 5.3.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of...

Cloudflare Workers SDK 信息泄露漏洞

Cloudflare Workers SDK is an open source developer toolkit for Cloudflare. An information disclosure vulnerability exists in Cloudflare Workers SDK versions prior to 1.6.0, which stems from a default configuration where the local development server exposes all files, potentially leading to the...

DEBIAN-CVE-2025-59160

Matrix JavaScript SDK is a Matrix Client-Server SDK for JavaScript and TypeScript. matrix-js-sdk before 38.2.0 has insufficient validation of room predecessor links in MatrixClient::getJoinedRooms, allowing a remote attacker to attempt to replace a tombstoned room with an unrelated...

MAL-2025-41591 Malicious code in phone-feature-sdk (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in phone-feature-sdk (npm)

--- -= Per source details. Do not edit below this line.=-...

CVE-2025-36729 RACOM M!DGE2 Privilege Escalation via SDK Testing Endpoint

A non-primary administrator user with admin rights to the web interface but without shell access permissions can display configuration of the device including the master admin password. This vulnerability also allows the user to give themselves shell access with the root gid...

MAL-2025-26193 Malicious code in mentors-sdk-js (npm)

The package mentors-sdk-js was found to contain malicious code...