CVE-2025-12084 affecting package python3 for versions less than 3.9.19-19

CVE-2025-12084 affecting package python3 for versions less than 3.9.19-19. A patched version of the package is available...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2026-1098)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Photon OS 4.0: Python3 PHSA-2026-4.0-0939

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-0939. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Python3 PHSA-2025-4.0-0853

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0853. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-2595)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2025-132339

Malicious code in roti3 npm...

Malicious code in alvino-3 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a13d55c4c8740d37d2a3e6a453631beab1dfc603e345f64de5e6784a0530c047 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Photon OS 5.0: Python3 PHSA-2025-5.0-0657

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0657. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

EUVD-2021-0655

Malware in sbrugna...

MAL-2025-25390 Malicious code in lines-three (npm)

The package lines-three was found to contain malicious code...

SUSE: Security Advisory (SUSE-SU-2025:0554-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2025-1466)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Malicious code in lab-3-package-438d82fc (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1647151de9ec3b78d6f3b3c4dc4bfe1f7b27f9c1ffdb56d482daa533fd2b1ec3 Packages showing simple variants of revshell with targets to ngrok. Most probably experiments. Later versions moved to use Burp Collaborator to exfiltrate simp...

3base (>=0.1.30 <=0.1.31), 3d-a (>=1.0.0 <=1.1.5) +1008 more potentially affected by CVE-2020-28496 via three (>=0.100.0 <=0.124.0)

three NPM version =0.100.0, =0.1.30, =1.0.0, =1.0.0, =2.0.40, =1.0.1, =1.43.6, =1.0.0, =0.0.1, =1.0.0, =1.0.4 and more Source cves: CVE-2020-28496 Source advisory: OSV:GHSA-FQ6P-X6J3-CMMQ...

GHSA-FQ6P-X6J3-CMMQ Denial of service in three

This affects the package three before 0.125.0. This can happen when handling rgb or hsl colors. PoC: js var three = require'three' function buildblankn var ret = "rgb" for var i = 0; i n; i++ ret += " " return ret + ""; var Color = three.Color var time = Date.now; new Colorbuildblank50000 var...

CVE-2020-28496

This affects the package three before 0.125.0. This can happen when handling rgb or hsl colors. PoC: var three = require'three' function buildblank n var ret = "rgb" for var i = 0; i n; i++ ret += " " return ret + ""; var Color = three.Color var time = Date.now; new Colorbuildblank50000 var...

CVE-2020-28496 Regular Expression Denial of Service (ReDoS)

This affects the package three before 0.125.0. This can happen when handling rgb or hsl colors. PoC: var three = require'three' function buildblank n var ret = "rgb" for var i = 0; i n; i++ ret += " " return ret + ""; var Color = three.Color var time = Date.now; new Colorbuildblank50000 var...

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the integrity of protected information

The multiple vulnerabilities in the libffi3 package of the Debian GNU/Linux operating system may lead to a violation of the integrity of protected information. These vulnerabilities can be exploited remotely...

The vulnerability of the OpenSUSE operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the squid3 package for the OpenSUSE operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

Vulnerabilities in the SUSE Linux Enterprise operating system that allow attackers to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the libtiff3 package of the SUSE Linux Enterprise operating system can lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...