Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect currxfer in tegraqspicombinedseqxfer The currxfer field is read by the IRQ handler without holding a lock. This allows the IRQ handler to check whether a transfer is in progress. When clearing the...

EUVD-2021-0866

Malware in sbrugna...

DEBIAN-CVE-2023-23914

A cleartext transmission of sensitive information vulnerability exists in curl v7.88.0 that could cause HSTS functionality fail when multiple URLs are requested serially. Using its HSTS support, curl can be instructed to use HTTPS instead of usingan insecure clear-text HTTP step even when HTTP is...

CVE-2020-28470

This affects the package @scullyio/scully before 1.0.9. The transfer state is serialised with the JSON.stringify function and then written into the HTML page...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS. The transfer state is serialised with the JSON.stringify function and then written into the HTML page. Details Cross-site scripting or XSS is a code vulnerability that occurs when an attacker “injects” a...