Lucene search
K

1691 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/25 1:45 p.m.14 views

Malicious code in koishi-plugin-fusheng-car (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35bbb2f7cdae32f1a5012363b81298fd339c96b83718db535d77c0bdc0f936ec lib/index.js contains a hardcoded base64-encoded QQ user ID 'Mjc1OTcyMDE2MQ==' decoding to '2759720161' checked inside the plugin's permission gate...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/05/22 4:4 p.m.8 views

CLSA-2026-1779465893 postgresql: Fix of CVE-2026-6473

CVE-2026-6473: tsearch: bound StartSel/StopSel/FragmentDelimiter length to PGINT16MAX in tsheadline - CVE-2026-6473: contrib/ltree: guard lquery parsing against numvar and totallen wraparound - CVE-2026-6473: regex: add overflow-checked MALLOCARRAY/REALLOCARRAY and bound NFA state/color products...

8.8CVSS5.8AI score0.00668EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192u: Fixed a deadlock in ieee80211beaconsstop. There is a deadlock in ieee80211beaconsstop, as shown below: Thread 1 | Thread 2 | ieee80211sendbeacon ieee80211beaconsstop | modtimer spinlockirqsave //1 | Wa...

5.5CVSS6.2AI score0.00192EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: octeonep: Fixed the issue where the host would hang during device reboot. When the host loses heartbeat messages from the device, the driver calls the device-specific ndostop function, which frees the resources. If the driver is...

5.5CVSS6.2AI score0.00162EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix use after free on unload A system crash is observed due to a stack trace warning related to the use after free operation. There are two signals that can cause dpcthread to terminate: the UNLOADING flag and...

7.8CVSS6.4AI score0.00216EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/pt: Fixed a crash that occurred with stop filters in single-range mode. A check for !buf-single was added before calling ptbufferregionsize in places where a missing check could cause a kernel crash. This fix...

5.5CVSS6.1AI score0.00248EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ARM: 9317/1: kexec: Make smp stop calls asynchronous If a panic is triggered by a hrtimer interrupt, all online CPUs will be notified and set to offline. However, as highlighted in the commit 19dbdcb8039c “smp: Warn on function...

5.6AI score0.0019EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: hrtimers: Timers queued after CPUHPAPHRTIMERSDYING are forced to be migrated away from the dying CPU to any online target. This is done to avoid delaying bandwidth timer handling tasks related to CPU hotplug progress. However,...

5.5CVSS6.4AI score0.00193EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxdsprproc: Added mutex protection for workqueue The workqueue may execute late, even after remoteproc is stopped or disabled. Some resources such as the rpmsg device and endpoint have been released in...

5.5CVSS6AI score0.00143EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: smb: server: splitting ksmbdrdmastoplistening out of ksmbdrdmaDestroy We cannot call destroyworkqueuesmbdirectwq; before stopsessions! Otherwise, existing connections will attempt to use smbdirectwq as a NULL pointer...

5.5CVSS6.3AI score0.00146EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: qcom: qdsp6: Fixed the issue where q6apm removal ordering occurs during ADSP stop and start. During ADSP stop and start, the kernel crashes due to the order in which ASoC components are removed. During ADSP stop, the...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: libceph: fixed a race condition between delayedwork and cephmoncstop The way delayed work is handled in cephmoncstop is prone to races with monfault, and possibly also finishhunting. Both of these can requeue the delayed work,...

5.5CVSS6.4AI score0.00226EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211: Purge vif txq in ieee80211dostop After ieee80211dostop, the packets from vif’s txq might still be processed. Another concurrent call to scheduleandwaketxq could cause those packets to be dequeued see...

5.5CVSS6.2AI score0.00164EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: - riscv: ftrace: Fixed a panic caused by preemption being disabled. In RISCV, we need to use an AUIPC + JALR pair to encode an immediate jump, creating a jump to an address beyond 4K. This may cause errors if we want to enable...

5.4AI score0.00193EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: mptcp: fixed a race condition in mptcppmdeladdtimer The mptcppmdeladdtimer function can call skstoptimersyncsk, &entry-addtimer. It is reported that there might already be a free entry, as reported by syzbot. Added RCU...

6AI score0.00171EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: md: fixed the double-free of ioacctset bioset. Now, ioacctset is allocated and freed within a single operation in the personality context. The code that freed ioacctset during mdfree and mdstop has been removed...

7.8CVSS6.3AI score0.00259EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Stop the active perfmon if it is being destroyed. If the active performance monitor v3d-activeperfmon is being destroyed, stop it first. Currently, the active perfmon is not stopped during destruction, causing the...

5.5CVSS6.2AI score0.00167EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.15 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fixed NULL pointer access and potential loss of PEBS records When the intelpmudrainpebsicl function is called to drain PEBS records, the perfeventoverflow function might be called to process the last PEBS record. The...

5.7AI score0.00162EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: vfio: Split migration operations from main device operations The vfio core checks whether the driver sets certain migration operations e.g., setstate/getstate, and accordingly calls those operations. However, currently, the ml...

5.5CVSS6.4AI score0.00137EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In media: iris: gen2, a sanity check for session termination was added. In iriskillsession, inst-state is set to IRISINSTERROR, and sessionclose is executed, which will free memory allocated to insthfigen2-packet. If stopstreamin...

5.5CVSS5.7AI score0.00126EPSS
Exploits0References1
Rows per page
Query Builder