MAL-2025-3291 Malicious code in quaoqpdizoqsqdqsd (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 7f1f9340c89842abcbd40ae92859a72850ca38d95401add0c0bf3591b5ab8e8f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2022-49582

In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix NULL pointer dereference in dsaportresetvlanfiltering The "ds" iterator variable used in dsaportresetvlanfiltering - dsaswitchforeachport overwrites the "dp" received as argument, which is later used to call...

WordPress BuddyForms Plugin <= 2.8.12 is vulnerable to Cross Site Scripting (XSS)

Software BuddyForms Type Plugin Vulnerable versions = 2.8.12 Fixed in 2.8.13 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47377 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 9418faef5fbf Credits SOPROBRO Required privilege Editor...

RHSA-2017:0195 Red Hat Security Advisory: ansible security update

Bulletin has no description...

Intel® GPA Software Advisory

Summary: Potential security vulnerabilities in some Intel® Graphics Performance Analyzers GPA and Intel® GPA Framework software may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-24460...

Denial of Service in dhowden/tag

dhowden tag before 0.0.0-20201120070457-d52dcb253c63 allows panic: runtime error: index out of range via readPICFrame...

Directory Traversal

sharpziplib is vulnerable to directory traversal. The vulnerability exists due to the TAR extraction directory path not enforced to be slash terminated allowing an attacker to create a file with a name thats begins with the destination directory...

MGASA-2018-0489 Updated sqlite3 packages fix security vulnerability

A security issue fixed upstream in sqlite3 has been announced: https://www.openwall.com/lists/oss-security/2018/12/21/1 The issue is fixed in 3.25.3...

Mozilla Thunderbird code execution

It's possible to execute javascript via object tag...

Cisco Virtual Central Office 4000 (VCO/4K) 5.1.3 - Remote Username / Password Retrieval

source: https://www.securityfocus.com/bid/1885/info A vulnerability exists in the Cisco Virtual Central Office 4000 VCO/4K programmable voice switch running software versions 5.13 and earlier. The usernames and passwords for the device's SNMP administration interface are protected by a simple...

WinU Backdoor passwords!!!!

WinU 1.0-5.1 Backdoor passwords Intro ===== After downloading WinU 5.1 I noticed the built-in "emergency password" capability, mentioned in the help file. I decided to take a look around. AND WOW! GOT 'EM ALL! Passwords ========= WinU 1.0-2.02: KX98592V63 BARRY SMILER WinU 3.2a: LRTV5 BARRY SMILE...

Очередной обзор новостей Linux

No description provided...

CVE-2018-4547

...