Lucene search
K

149 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/10 6:2 p.m.2 views

Malicious code in genetic_tick_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f542971b5f5954a674616d1206253605e8d0402229823361f3e8aa14ba195bdf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/06 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990497)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990497 advisory. In the Linux kernel, the following vulnerability has been resolved: x86/i8259: Mark legacy PIC interrupts with IRQLEVEL Baoquan reported that after triggering a cras...

5.5CVSS6.2AI score0.00247EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989126)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989126 advisory. In the Linux kernel, the following vulnerability has been resolved: tick/nohz: unexport init-annotated ticknohzfullsetup EXPORTSYMBOL and init is a bad combination...

5.5CVSS6.2AI score0.00273EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2025/11/03 12:56 p.m.26 views

⚡ Weekly Recap: Lazarus Hits Web3, Intel/AMD TEEs Cracked, Dark Web Leak Tool & More

Cyberattacks are getting smarter and harder to stop. This week, hackers used sneaky tools, tricked trusted systems, and quickly took advantage of new security problems—some just hours after being found. No system was fully safe. From spying and fake job scams to strong ransomware and tricky...

10CVSS9.3AI score0.99898EPSS
Exploits90
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: RCU: Fixed a deadloop in rcureadunlock due to IRQ work. During rcureadunlockspecial, if this occurs during irqexit, we may get locked up if an IPI is issued. This is because the IPI itself triggers the irqexit path, causing a...

7.1CVSS5.7AI score0.00149EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2025/10/31 1:26 p.m.7 views

China-Linked Tick Group Exploits Lanscope Zero-Day to Hijack Corporate Systems

The exploitation of a recently disclosed critical security flaw in Motex Lanscope Endpoint Manager has been attributed to a cyber espionage group known as Tick. The vulnerability, tracked as CVE-2025-61932 CVSS score: 9.3, allows remote attackers to execute arbitrary commands with SYSTEM privileg...

10CVSS9.9AI score0.1938EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986295)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986295 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Set lower bound of start tick time Currently ALSA timer doesn't have the lower limit...

5.5CVSS6.1AI score0.00642EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-28967

Malicious code in bioql PyPI...

6.3AI score0.00149EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2025/09/11 11:24 p.m.4 views

SUSE CVE-2025-39744

In the Linux kernel, the following vulnerability has been resolved: rcu: Fix rcureadunlock deadloop due to IRQ work During rcureadunlockspecial, if this happens during irqexit, we can lockup if an IPI is issued. This is because the IPI itself triggers the irqexit path causing a recursive lock up...

5.5CVSS6.3AI score0.00149EPSS
Exploits0References21
NVD
NVD
added 2025/09/11 5:15 p.m.5 views

CVE-2025-39744

In the Linux kernel, the following vulnerability has been resolved: rcu: Fix rcureadunlock deadloop due to IRQ work During rcureadunlockspecial, if this happens during irqexit, we can lockup if an IPI is issued. This is because the IPI itself triggers the irqexit path causing a recursive lock up...

7.1CVSS0.00149EPSS
Exploits0References5
OSV
OSV
added 2025/09/11 5:15 p.m.3 views

UBUNTU-CVE-2025-39744

In the Linux kernel, the following vulnerability has been resolved: rcu: Fix rcureadunlock deadloop due to IRQ work During rcureadunlockspecial, if this happens during irqexit, we can lockup if an IPI is issued. This is because the IPI itself triggers the irqexit path causing a recursive lock up...

7.1CVSS6.5AI score0.00149EPSS
Exploits0References24
vulnersOsv
vulnersOsv
added 2025/08/14 6:52 p.m.15 views

brick-node (>=0.0.0 <=0.0.17), change-object (=0.0.0) +9 more potentially affected by unknown CVE via pause-function (=0.0.1)

pause-function NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on pause-function and may be impacted: - brick-node =0.0.0, =1.16.0, =0.0.0, =1.0.1 - stream-format =0.0.3 Source cves: unknown CVE Source advisory: OSV:MAL-2025-28923...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/14 6:52 p.m.6 views

big-integer-max (=1.0.0), big-integer-min (>=1.0.0 <=1.0.1) +25 more potentially affected by unknown CVE via just-next-tick (=0.0.0)

just-next-tick NPM version =0.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on just-next-tick and may be impacted: - big-integer-max =1.0.0 - big-integer-min =1.0.0, =0.0.3, =0.0.0, =0.0.0, =0.0.0, =0.0.1, =0.0.9 and more Source cves: unknown CVE...

5.8AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.2 views

Malicious code in just-next-tick (npm)

The package just-next-tick was found to contain malicious code...

7AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/14 6:52 p.m.10 views

change-object (=0.0.0), cli-qa (=2.0.0) +7 more potentially affected by unknown CVE via run-serially (=0.0.0)

run-serially NPM version =0.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on run-serially and may be impacted: - change-object =0.0.0 - cli-qa =2.0.0 - comma-list =0.0.0 - fd-select =1.0.0 - frp-tick =1.0.0 - innkeeper =1.0.4 - limited-parallel-loop...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/08/14 6:52 p.m.7 views

brick (=0.0.0), brick-node (>=0.0.8 <=0.0.17) +30 more potentially affected by unknown CVE via show-help (>=0.0.0 <=2.0.1)

show-help NPM version =0.0.0, =0.0.8, =0.0.0, =0.0.5, =0.0.0, =0.0.0, =0.0.7, =0.0.9, =1.1.0, =1.1.1 and more Source cves: unknown CVE Source advisory: OSV:MAL-2025-33162...

5.8AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-24119 Malicious code in just-next-tick (npm)

The package just-next-tick was found to contain malicious code...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/07/16 12:0 a.m.4 views

PT-2025-37203

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel related to rcu read unlock. Specifically, a potential deadlock can occur during rcu read unlock special when invoked within the irq exit path, trigger...

7.1CVSS5.9AI score0.00149EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/03/28 3:38 a.m.4 views

SUSE CVE-2023-52993

In the Linux kernel, the following vulnerability has been resolved: x86/i8259: Mark legacy PIC interrupts with IRQLEVEL Baoquan reported that after triggering a crash the subsequent crash-kernel fails to boot about half of the time. It triggers a NULL pointer dereference in the periodic tick code...

5.5CVSS6.6AI score0.00247EPSS
Exploits0References8
OSV
OSV
added 2025/03/27 5:15 p.m.2 views

UBUNTU-CVE-2023-52993

In the Linux kernel, the following vulnerability has been resolved: x86/i8259: Mark legacy PIC interrupts with IRQLEVEL Baoquan reported that after triggering a crash the subsequent crash-kernel fails to boot about half of the time. It triggers a NULL pointer dereference in the periodic tick code...

5.5CVSS6.2AI score0.00247EPSS
Exploits0References10
Rows per page
Query Builder