39 matches found
Exploit for Type Confusion in Apple Safari
CVE-2024-23222 — WebKit Type Confusion → iOS 16.4.1 Sandbox Es...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix uninitialized memcache pointer in usermemabort Commit fce886a60207 "KVM: arm64: Plumb the pKVM MMU in KVM" made the initialization of the local memcache variable in usermemabort conditional, leaving a codepath whe...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fixed the host’s stage-2 PGD refcount issue The KVM page-table library counts the pages of concatenated stage-2 PGs individually. However, when KVM runs in protected mode, the host’s stage-2 PGD is currently managed b...
Malicious code in @velora-dex/sdk (npm)
Malicious npm package executing base64-decoded shell command to download and run stage-2 payload from C2 server 89.36.224.5 targeting macOS --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21a732dd2745098176d2c19fe3edb359db6f6690b5d14b8d49e8a00b61325311 The packa...
MAL-2026-2510 Malicious code in @velora-dex/sdk (npm)
Malicious npm package executing base64-decoded shell command to download and run stage-2 payload from C2 server 89.36.224.5 targeting macOS --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 21a732dd2745098176d2c19fe3edb359db6f6690b5d14b8d49e8a00b61325311 The packa...
MAL-2026-2526 Malicious code in request-js-validator (npm)
Copy of 'request' library with injected payload. Spawns detached child process that fetches stage-2 and executes via new Function.constructor'require', payload. Same pattern as express-session-js. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...
Malicious code in request-js-validator (npm)
Copy of 'request' library with injected payload. Spawns detached child process that fetches stage-2 and executes via new Function.constructor'require', payload. Same pattern as express-session-js. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector...
MAL-2026-2449 Malicious code in mgc (npm)
Package fetches platform-specific stage-2 payloads from a GitHub Gist. The stage-2 payloads are full Remote Access Trojans RATs for Linux Python and Windows PowerShell that beacon to a C2 server, exfiltrate system information, enumerate directories, execute arbitrary commands, and support binary...
mariadb: MariaDB Server Crash Due to Empty Backtrace Log
A flaw was found in MariaDB Server. This vulnerability may allow an attacker to cause a crash via an issue related to makeaggrtablesinfo and optimizestage2, resulting in an empty backtrace log...
mariadb: MariaDB Server Crash Due to Empty Backtrace Log
A flaw was found in MariaDB Server. This vulnerability may allow an attacker to cause a crash via an issue related to makeaggrtablesinfo and optimizestage2, resulting in an empty backtrace log...
mariadb: MariaDB Server Crash Due to Empty Backtrace Log
A flaw was found in MariaDB Server. This vulnerability may allow an attacker to cause a crash via an issue related to makeaggrtablesinfo and optimizestage2, resulting in an empty backtrace log...
mariadb: MariaDB Server Crash Due to Empty Backtrace Log
A flaw was found in MariaDB Server. This vulnerability may allow an attacker to cause a crash via an issue related to makeaggrtablesinfo and optimizestage2, resulting in an empty backtrace log...
mariadb: MariaDB Server Crash Due to Empty Backtrace Log
A flaw was found in MariaDB Server. This vulnerability may allow an attacker to cause a crash via an issue related to makeaggrtablesinfo and optimizestage2, resulting in an empty backtrace log...
kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: cmd-db: Map shared memory as WC, not WB Linux does not write into cmd-db region. This region of memory is write protected by XPU. XPU may sometime falsely detect clean cache eviction as "write" into the write protected...
Linux Distros Unpatched Vulnerability : CVE-2019-10147
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rkt through version 1.30.0 does not isolate processes in containers that are run with rkt enter. Processes run with rkt enter are not limited by cgroups during...
Linux Distros Unpatched Vulnerability : CVE-2019-10145
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rkt through version 1.30.0 does not isolate processes in containers that are run with rkt enter. Processes run with rkt enter do not have seccomp filtering duri...
Linux Distros Unpatched Vulnerability : CVE-2024-5660
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use of Hardware Page Aggregation HPA and Stage-1 and/or Stage-2 translation on Cortex-A77, Cortex-A78, Cortex-A78C, Cortex-A78AE, Cortex-A710, Cortex-X1,...
Linux Distros Unpatched Vulnerability : CVE-2025-37996
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix uninitialized memcache pointer in usermemabort Commit fce886a60207 KVM: arm6...
Linux Distros Unpatched Vulnerability : CVE-2021-47450
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix host stage-2 PGD refcount The KVM page-table library refcounts the pages of...
SUSE CVE-2025-37996
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix uninitialized memcache pointer in usermemabort Commit fce886a60207 "KVM: arm64: Plumb the pKVM MMU in KVM" made the initialization of the local memcache variable in usermemabort conditional, leaving a codepath whe...