Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-381376)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-381376 advisory. In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when uninstalling driver When the driver is uninstalled and the VF i...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986386)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986386 advisory. In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when uninstalling driver When the driver is uninstalled and the VF i...

net: hns3: fix kernel crash when uninstalling driver

...

MAL-2024-10984 Malicious code in kraken-wallet-cryptoicons (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5445e7a104fb812aa6f8ed5418680946ff853713215035b76d12e7bdd6a19300 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-50296

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when uninstalling driver When the driver is uninstalled and the VF is disabled concurrently, a kernel crash occurs. The reason is that the two actions call function pcidisablesriov. The numVFs is check...

CVE-2024-50296 net: hns3: fix kernel crash when uninstalling driver

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when uninstalling driver When the driver is uninstalled and the VF is disabled concurrently, a kernel crash occurs. The reason is that the two actions call function pcidisablesriov. The numVFs is check...

MAL-2024-10576 Malicious code in test-evil-pkg-reverse (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 61acc3b6b342e65ed4e73d06d4e1361360c9c90c1d6d4974045bceee140bd1dc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-7919 Malicious code in @polycard/claim (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 83cf247270fb38f1214026a0dfc88f3c545b6e374ded7f86023ea680ffea8720 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

ALSA-2024:0463 Moderate: rpm security update

The RPM Package Manager RPM is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fixes: rpm: TOCTOU race in checks for unsafe symlinks CVE-2021-35937 rpm: races with chown/chmod/capabilities calls...

MAL-2024-446 Malicious code in wlwz-2312-3006 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d1e1daa683867cec813fdf58ef7b414ae31ac6cf506011536470f97a8b420e83 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Command injection

McAfee Total Protection prior to 16.0.51 allows attackers to trick a victim into uninstalling the application via the command prompt...

ASB-A-252663068

In getStringsForPrefix of Settings.java, there is a possible prevention of package uninstallation due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

MAL-2022-4075 Malicious code in jsostablestringilfy (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 73b5e7984a111a9860fa55df1ef3e7d35feb633e083db625193ed984fc1b738e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-3322 Malicious code in geactnativevecoicons (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 669466499feb5f13b1f00219438728b5445d1cc02cb64c03eb9a30a500a6d79e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Atlassian Questions For Confluence 2.7.34 / 2.7.35 / 3.0.2 Hardcoded Credentials

The Atlassian Questions For Confluence app for Confluence Server and Data Center creates a Confluence user account in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password could exploit...

MAL-2022-1971 Malicious code in codefest-internal-dependency (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 96d8d666fc5e26bcb66b14c68078fc0ae2f7294bf5ce376aa5e03d9b2f882559 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-4531 Malicious code in med3web (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 03ffb9dbf95f6a0fef31c4bc22ceed172e57c4e4e4e9e9743d2a7464d3f23653 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-6687 Malicious code in twelvedata-adapter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c036b95c651dc0bdcb11ec39fc95c8bb60573925682e6ad0b6a7a93290a1775d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-3989 Malicious code in iv-build-utils (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c0da1f5b6ad11fed94f99710d6347cadc10f60bf1363f774afb7fd27c9226bf5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Drupal Information Disclosure Vulnerability (SA-CORE-2022-004) - Windows

Drupal is prone to an information disclosure vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...