MAL-2026-3151 Malicious code in apple-cloud-infrastructure-monitor (npm)

Malicious npm package published by threat actor "raya4321" as part of a coordinated typosquatting campaign impersonating Apple internal infrastructure services authentication, PKI, telemetry, CloudKit, and cloud infrastructure. All packages in this campaign execute credential-theft payloads durin...

uutils coreutils allows unauthorized modification of permissions on existing files

A vulnerability in uutils coreutils mkfifo allows for the unauthorized modification of permissions on existing files. When mkfifo fails to create a FIFO because a file already exists at the target path, it fails to terminate the operation for that path and continues to execute a follow-up...

CVE-2026-35341

The CVE-2026-35341 entry concerns uutils coreutils mkfifo. The vulnerability arises when mkfifo tries to create a FIFO but a file already exists at the target path; the operation for that path does not terminate and a follow-up set_permissions call executes, changing the existing file’s permissio...

CVE-2025-65000

CVE-2025-65000 affects Checkmk (Linux Remote alert handlers rule). SSH private keys were exposed in the HTML source of the rule page for Checkmk 2.3.0 and all versions up to 2.4.0p18, potentially allowing unauthorized triggering of predefined alert handlers on affected hosts. The Red Hat, NVD, Ub...

CVE-2025-65000 Exposure of SSH Private Keys in Remote Alert Handlers (Linux) Rule

SSH private keys of the "Remote alert handlers Linux" rule were exposed in the rule page's HTML source in Checkmk = 2.4.0p18 and all versions of Checkmk 2.3.0. This potentially allowed unauthorized triggering of predefined alert handlers on hosts where the handler was deployed...

CVE-2025-65000 Exposure of SSH Private Keys in Remote Alert Handlers (Linux) Rule

SSH private keys of the "Remote alert handlers Linux" rule were exposed in the rule page's HTML source in Checkmk = 2.4.0p18 and all versions of Checkmk 2.3.0. This potentially allowed unauthorized triggering of predefined alert handlers on hosts where the handler was deployed...

EUVD-2015-2994

Malware in sbrugna...

EUVD-2005-2190

Malware in sbrugna...

EUVD-2011-3551

Malware in sbrugna...

EUVD-2015-2121

Malware in sbrugna...

EUVD-2024-46961

Malicious code in bioql PyPI...

EUVD-2022-44798

Malicious code in bioql PyPI...

EUVD-2024-32130

Malicious code in bioql PyPI...

CVE-2024-5813

A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response...

CVE-2023-36654

Directory traversal in the log-download REST API endpoint in ProLion CryptoSpike 3.0.15P2 allows remote authenticated attackers to download host server SSH private keys associated with a Linux root user by injecting paths inside REST API endpoint parameters...

CVE-2020-6961

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center CIC Versions 4.X and 5.X, CARESCAPE Telemetry Server Version 4.3, CARESCAPE Central Station CSCS Versions 1.X, a vulnerability exists in the affected products that could allow...

CVE-2024-3544

Unauthenticated attackers can perform actions, using SSH private keys, by knowing the IP address and having access to the same network of one of the machines in the HA or Cluster group. This vulnerability has been closed by enhancing LoadMaster partner communications to require a shared secret th...

QNAP QTS and Photo Station Local File Inclusion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'QNAP QTS and Photo Station Local File Inclusion', 'Description' = %q This module exploits a local file inclusion in QNAP QTS and Photo Station th...

PT-2024-4208 · Rancher · Rancher Kubernetes Engine +1

Name of the Vulnerable Software and Affected Versions: Rancher Kubernetes Engine RKE versions prior to 1.4.19 Rancher Kubernetes Engine RKE versions prior to 1.5.10 Rancher versions prior to 2.7.14 Rancher versions prior to 2.8.5 Description: The issue is related to the storage of cluster state i...

CVE-2024-5813 SSH Private Key Leak in BeyondInsight PasswordSafe

A medium severity vulnerability in BIPS has been identified where an authenticated attacker with high privileges can access the SSH private keys via an information leak in the server response...