204 matches found
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: caddy: caddy-2.11.3-0.1.hum1 aarch64, x8664 caddy-2.11.3-0.1.hum1.src src...
Important: kernel-livepatch-6.12.77-99.140
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags "Dirty Frag" and other issues in Amazon Linux kernels: https://aws.amazon.com/security/security-bulletins/2026-027-aws/ CVE-2026-43284 Affected Packages:...
Astra Linux - уязвимость в dpkg
In dpkg, the Debian package management system, versions prior to 1.21.8, 1.20.10, 1.19.8, and 1.18.26 are vulnerable to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include debian.tar, the in-place extraction process may...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: gnutls: gnutls-3.8.13-1.hum1 aarch64, x8664 gnutls-c++-3.8.13-1.hum1 aarch64, x8664 gnutls-dane-3.8.13-1.hum1 aarch64, x8664 gnutls-devel-3.8.13-1.hum1 aarch64, x8664 gnutls-fips-3.8.13-1.hum1...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: qt6: qt6-filesystem-6.11.0-1.hum1 aarch64, x8664 qt6-rpm-macros-6.11.0-1.hum1 noarch qt6-srpm-macros-6.11.0-1.hum1 noarch qt6-6.11.0-1.hum1.src src...
Important: python3.11
Issue Overview: The webbrowser.open API would accept leading dashes in the URL which could be handled as command line options for certain web browsers. New behavior rejects leading dashes. Users are recommended to sanitize URLs prior to passing to webbrowser.open. CVE-2026-4519 Affected Packages:...
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: xz: xz-5.8.3-1.1.hum1 aarch64, x8664 xz-devel-5.8.3-1.1.hum1 aarch64, x8664 xz-libs-5.8.3-1.1.hum1 aarch64, x8664 xz-lzma-compat-5.8.3-1.1.hum1 aarch64, x8664 xz-static-5.8.3-1.1.hum1 aarch64,...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: libcap: captree-2.78-1.1.hum1 aarch64, x8664 libcap-2.78-1.1.hum1 aarch64, x8664 libcap-devel-2.78-1.1.hum1 aarch64, x8664 libcap-static-2.78-1.1.hum1 aarch64, x8664 libcap-2.78-1.1.hum1.src src...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python3.12: python3.12-3.12.13-2.hum1 aarch64, x8664 python3.12-debug-3.12.13-2.hum1 aarch64, x8664 python3.12-devel-3.12.13-2.hum1 aarch64, x8664 python3.12-idle-3.12.13-2.hum1 aarch64, x8664...
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python3.13: python3.13-3.13.12-2.hum1 aarch64, x8664 python3.13-debug-3.13.12-2.hum1 aarch64, x8664 python3.13-devel-3.13.12-2.hum1 aarch64, x8664 python3.13-freethreading-3.13.12-2.hum1 aarch64,...
Malicious Package
Overview cline is a malicious package. NPM publishing token for this package was compromised and useb by an unauthorized party to publish version 2.3.0 containing a modified package.json with an added postinstall script "postinstall": "npm install -g openclaw@latest". This causes openclaw an...
1inch-agent-kit (=1.0.53), @0xchain/auth (>=0.0.1 <=1.1.0-beta.18) +4367 more potentially affected by CVE-2026-25639 via axios (>=1.0.0 <=1.13.4)
axios NPM version =1.0.0, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =8.0.5, =6.1.0, =0.0.1-alpha.3, =1.0.3-rc.0, =2.0.1 - @1tokenfe/hd-ble-sdk =1.1.15 - @1tokenfe/hd-common-connect-sdk =1.1.15 - @1tokenfe/hd-core =1.1.15 - @1tokenfe/hd-transport-electron =1.1.15 - @1tokenfe/hd-transport-emulator =1.1.15 -...
Important: kernel-livepatch-6.1.158-178.288
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields CVE-2025-40254 Affected Packages: kernel-livepatch-6.1.158-178.288 Issue Correction: Please ensure you have live patching enabled. Run dnf upda...
Malicious Package
Overview @cda-apps/source is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
EUVD-2025-90449
Malicious code in lina-bubur41-miaww npm...
EUVD-2025-89137
Malicious code in riana-taiwan29-miaww npm...
EUVD-2025-50963
Malicious code in xerothermic-coffee-gorilla npm...
MAL-2025-49318 Malicious code in stark-recurser (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54520ff73a8cd962cb9ab3db426b6c93987e6b616edf752e0e5f6f346293af1b The package stark-recurser was found to contain malicious code. Source: ossf-package-analysis...
MAL-2025-48555 Malicious code in user_oidc (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e28e6e5435f54199a3dca6186e1ad2d2846226bcf0a6792ff09d40b6215ed7af The OpenSSF Package Analysis project identified 'useroidc' @ 8.0.2 np...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READ CVE-2022-50410 In the Linux kernel, the following vulnerability has been resolved: icmp6: Fix null-ptr-deref of ip6nullentry-rt6iidev in icmp6dev...