CVE-2025-12084 affecting package python3 for versions less than 3.9.19-19

CVE-2025-12084 affecting package python3 for versions less than 3.9.19-19. A patched version of the package is available...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2026-1098)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Photon OS 4.0: Python3 PHSA-2026-4.0-0939

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-0939. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Python3 PHSA-2025-4.0-0853

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0853. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-2595)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2025-132339

Malicious code in roti3 npm...

Malicious code in alvino-3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a13d55c4c8740d37d2a3e6a453631beab1dfc603e345f64de5e6784a0530c047 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Photon OS 5.0: Python3 PHSA-2025-5.0-0657

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0657. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

EUVD-2021-0655

Malware in sbrugna...

MAL-2025-25390 Malicious code in lines-three (npm)

The package lines-three was found to contain malicious code...

SUSE: Security Advisory (SUSE-SU-2025:0554-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-1466)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Malicious code in lab-3-package-438d82fc (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1647151de9ec3b78d6f3b3c4dc4bfe1f7b27f9c1ffdb56d482daa533fd2b1ec3 Packages showing simple variants of revshell with targets to ngrok. Most probably experiments. Later versions moved to use Burp Collaborator to exfiltrate simp...

3base (>=0.1.30 <=0.1.31), 3d-a (>=1.0.0 <=1.1.5) +1008 more potentially affected by CVE-2020-28496 via three (>=0.100.0 <=0.124.0)

three NPM version =0.100.0, =0.1.30, =1.0.0, =1.0.0, =2.0.40, =1.0.1, =1.43.6, =1.0.0, =0.0.1, =1.0.0, =1.0.4 and more Source cves: CVE-2020-28496 Source advisory: OSV:GHSA-FQ6P-X6J3-CMMQ...

GHSA-FQ6P-X6J3-CMMQ Denial of service in three

This affects the package three before 0.125.0. This can happen when handling rgb or hsl colors. PoC: js var three = require'three' function buildblankn var ret = "rgb" for var i = 0; i n; i++ ret += " " return ret + ""; var Color = three.Color var time = Date.now; new Colorbuildblank50000 var...

CVE-2020-28496

This affects the package three before 0.125.0. This can happen when handling rgb or hsl colors. PoC: var three = require'three' function buildblank n var ret = "rgb" for var i = 0; i n; i++ ret += " " return ret + ""; var Color = three.Color var time = Date.now; new Colorbuildblank50000 var...

CVE-2020-28496 Regular Expression Denial of Service (ReDoS)

This affects the package three before 0.125.0. This can happen when handling rgb or hsl colors. PoC: var three = require'three' function buildblank n var ret = "rgb" for var i = 0; i n; i++ ret += " " return ret + ""; var Color = three.Color var time = Date.now; new Colorbuildblank50000 var...