72 matches found
Astra Linux - vulnerability in linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: tools/nolibc/stdlib: fixed a memory error in realloc() Pass user_p_len to memcpy(), instead of heap->len, to prevent realloc() from copying an extra sizeof(heap) bytes beyond the allocated region...
Malicious Package
Overview github.com/BufferZoneCorp/go-stdlib-ext is a malicious package. This package contains malicious code designed to compromise developer systems and CI environments, specifically targeting GitHub Actions. The threat actor, operating under the GitHub account BufferZoneCorp, published a clust...
Malicious code in github.com/BufferZoneCorp/go-stdlib-ext (Go)
--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security a4e4f74e90479d472a307d311d48214827e21cf93ecf9b0b62ff2cb72adb2c9e This package is a malicious packages part of the Go BufferZoneCorp and RubyGems knot-theory clusters. The packages in this cluster steal...
K000161125: Erlang vulnerability CVE-2025-4748
Security Advisory Description Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdlib modules allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: erlang (UTSA-2026-006245)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006245 advisory. Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP stdlib modules allows Absolute Path Traversal, File...
GHSA-83PF-V6QQ-PWMR Fickling has a detection bypass via stdlib network-protocol constructors
Our assessment: smtplib, imaplib, ftplib, poplib, telnetlib, and nntplib were added to the list of unsafe imports https://github.com/trailofbits/fickling/commit/6d20564d23acf14b42ec883908aed159be7b9ade. The UnusedVariables heuristic works as expected. Original report Summary Fickling's check_safety...
SUSE SLES15 / openSUSE 15 Security Update : kubernetes-client (SUSE-SU-2025:4380-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4380-1 advisory. This update for kubernetes client rebuilds it against the current go release to fix bugs and security issues in the go stdlib...
box-bin (=0.3.1), box-format (>=0.3.0 <=0.3.3) +11 more potentially affected by unknown CVE via unic-normal (>=0.1.2 <=0.9.0)
unic-normal CARGO version =0.1.2, =0.3.0, =0.2.4-beta, =0.1.0, =0.3.0, =0.3.0, =0.1.0, =0.3.0, =0.5.0, =0.7.0, =0.1.1, =0.9.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0082...
EUVD-2025-18414
Malicious code in bioql PyPI...
Malicious code in shopify-junos-ez-stdlib (npm)
The package shopify-junos-ez-stdlib was found to contain malicious code...
Malicious code in @zalastax/nolb-_stdlib_f (npm)
The package @zalastax/nolb-_stdlib_f was found to contain malicious code...
MAL-2025-10448 Malicious code in @zalastax/nolb-_stdlib_f (npm)
The package @zalastax/nolb-_stdlib_f was found to contain malicious code...
Malicious code in @zalastax/nolb-_stdlib_n (npm)
The package @zalastax/nolb-_stdlib_n was found to contain malicious code...
MAL-2025-10450 Malicious code in @zalastax/nolb-_stdlib_n (npm)
The package @zalastax/nolb-_stdlib_n was found to contain malicious code...
MAL-2025-10446 Malicious code in @zalastax/nolb-_stdlib_d (npm)
The package @zalastax/nolb-_stdlib_d was found to contain malicious code...
Malicious code in @zalastax/nolb-_stdlib_d (npm)
The package @zalastax/nolb-_stdlib_d was found to contain malicious code...
MAL-2025-10449 Malicious code in @zalastax/nolb-_stdlib_i (npm)
The package @zalastax/nolb-_stdlib_i was found to contain malicious code...
MAL-2025-10447 Malicious code in @zalastax/nolb-_stdlib_e (npm)
The package @zalastax/nolb-_stdlib_e was found to contain malicious code...
SUSE-SU-2025:02331-1 Security update for erlang26
This update for erlang26 fixes the following issues: - CVE-2025-4748: Fixed improper limitation of a pathname to a restricted directory vulnerability in Erlang OTP stdlib modules that allowed absolute path traversal bsc1244642...
OESA-2025-1767 erlang security update
Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Improper Limitation of a Pathname to a Restricted...