213 matches found
EUVD-2025-50963
Malicious code in xerothermic-coffee-gorilla npm...
MAL-2025-49318 Malicious code in stark-recurser (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 54520ff73a8cd962cb9ab3db426b6c93987e6b616edf752e0e5f6f346293af1b The package stark-recurser was found to contain malicious code. Source: ossf-package-analysis...
MAL-2025-48555 Malicious code in user_oidc (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e28e6e5435f54199a3dca6186e1ad2d2846226bcf0a6792ff09d40b6215ed7af The OpenSSF Package Analysis project identified 'useroidc' @ 8.0.2 np...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READ CVE-2022-50410 In the Linux kernel, the following vulnerability has been resolved: icmp6: Fix null-ptr-deref of ip6nullentry-rt6iidev in icmp6dev...
EUVD-2014-0513
Malware in sbrugna...
EUVD-2017-17245
Malware in sbrugna...
EUVD-2014-3801
Malware in sbrugna...
EUVD-2005-0160
Malware in sbrugna...
EUVD-2017-17771
Malware in sbrugna...
EUVD-2014-0509
Malware in sbrugna...
CVE-2025-10502
Heap buffer overflow in ANGLE in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via malicious network traffic. Chromium security severity: High...
Important: kernel-livepatch-6.1.140-154.222
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: bridge: mcast: Fix use-after-free during router port configuration CVE-2025-38248 Affected Packages: kernel-livepatch-6.1.140-154.222 Issue Correction: Please ensure you have live patching enabled. Run dnf update...
Linux Distros Unpatched Vulnerability : CVE-2022-1664
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal...
Malicious code in @zalastax/nolb-o6 (npm)
The package @zalastax/nolb-o6 was found to contain malicious code...
CVE-2025-8581
Inappropriate implementation in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2025-54388
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including...
CVE-2025-54410
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails to re-create...
Canonical Juju utils 安全漏洞
Canonical Juju utils is an open source package from Canonical Juju. A security vulnerability exists in Canonical Juju utils, which stems from the fact that private information may be included in the certificate generation process, which could lead to private key disclosure...
CVE-2025-47291
containerd is an open-source container runtime. A bug was found in the containerd's CRI implementation where containerd, starting in version 2.0.1 and prior to version 2.0.5, doesn't put usernamespaced containers under the Kubernetes' cgroup hierarchy, therefore some Kubernetes limits are not...
Gather Source Package Manager Packages (nix)
Gather and store the source package data for rpm and dpkg package managers for future use during the scan. TRUSTED...