3039 matches found
UBUNTU-CVE-2025-39822
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: fix signedness in thislen calculation When importing and using buffers, buf-len is considered unsigned. However, buf-len is converted to signed int when committing. This can lead to unexpected behavior if the buffer...
CVE-2025-39822 io_uring/kbuf: fix signedness in this_len calculation
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: fix signedness in thislen calculation When importing and using buffers, buf-len is considered unsigned. However, buf-len is converted to signed int when committing. This can lead to unexpected behavior if the buffer...
CVE-2025-39822 io_uring/kbuf: fix signedness in this_len calculation
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: fix signedness in thislen calculation When importing and using buffers, buf-len is considered unsigned. However, buf-len is converted to signed int when committing. This can lead to unexpected behavior if the buffer...
CVE-2025-39822
In the Linux kernel, the following vulnerability has been resolved: iouring/kbuf: fix signedness in thislen calculation When importing and using buffers, buf-len is considered unsigned. However, buf-len is converted to signed int when committing. This can lead to unexpected behavior if the buffer...
CVE-2025-39822
The CVE-2025-39822 issue affects the Linux kernel io_uring/kbuf path. Root cause: buf->len is treated unsigned when importing buffers but is converted to signed int when committing, risking negative interpretation for large buffers. Mitigation: the min_t calculation is now unsigned. This is a ...
MAL-2025-47225 Malicious code in @yoobic/jpeg-camera-es6 (npm)
Suspicious postinstall script executing bundle.js and the presence of unsignedbitwisemathexcess YARA rule match indicates malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38de35c3ae3f0f156a77b94484f3774c14c293d3e37531ec74c8277fde1ad5c7 Any computer that has...
Malicious code in @yoobic/jpeg-camera-es6 (npm)
Suspicious postinstall script executing bundle.js and the presence of unsignedbitwisemathexcess YARA rule match indicates malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38de35c3ae3f0f156a77b94484f3774c14c293d3e37531ec74c8277fde1ad5c7 Any computer that has...
Malicious code in yoo-styles (npm)
Suspicious postinstall script executing bundle.js and YARA rule unsignedbitwisemathexcess match strongly suggests malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9b064ef82c07e5538a3269d44de4c6750b224f665f808a5099715143c8be21e4 Any computer that h...
MAL-2025-47230 Malicious code in yoo-styles (npm)
Suspicious postinstall script executing bundle.js and YARA rule unsignedbitwisemathexcess match strongly suggests malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9b064ef82c07e5538a3269d44de4c6750b224f665f808a5099715143c8be21e4 Any computer that h...
Malicious code in tbssnch (npm)
Package is likely malware. Suspicious postinstall script executes a file with excessive unsigned bitwise math, indicating potential malicious intent. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3a3d97140873f47a4a2f00551bfb18c9257dcbfa870e93cfaa642c2e8a4bbb00 Any...
MAL-2025-47229 Malicious code in tbssnch (npm)
Package is likely malware. Suspicious postinstall script executes a file with excessive unsigned bitwise math, indicating potential malicious intent. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3a3d97140873f47a4a2f00551bfb18c9257dcbfa870e93cfaa642c2e8a4bbb00 Any...
Malicious code in @things-factory/integration-base (npm)
Suspicious postinstall script executing bundle.js, which contains excessive unsigned bitwise math, indicating potential malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f6b2496d9a593750ea26a4cea41022e9b78c9bae1ac1b398aa506868e90e794e Any computer...
MAL-2025-47219 Malicious code in @operato/headroom (npm)
Suspicious postinstall script executing bundle.js and YARA rule match unsignedbitwisemathexcess indicate malicious behavior. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 71e970ada08943ee1043ac40c48714a5f5c29ae9c3c5d925c6dbfff9bcc47719 Any computer that has this...
Malicious code in @things-factory/email-base (npm)
Suspicious postinstall script executes bundle.js which contains code flagged by YARA rule unsignedbitwisemathexcess, indicating malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6cdc3773013abc63a59090ab3b457bc1e047f7a294edd5f35e6ce43840fc0520 Any computer tha...
MAL-2025-47221 Malicious code in @things-factory/email-base (npm)
Suspicious postinstall script executes bundle.js which contains code flagged by YARA rule unsignedbitwisemathexcess, indicating malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6cdc3773013abc63a59090ab3b457bc1e047f7a294edd5f35e6ce43840fc0520 Any computer tha...
Malicious code in eslint-config-crowdstrike (npm)
Suspicious postinstall script executing bundle.js combined with unsignedbitwisemathexcess YARA rule match indicates potential malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d5700b3786b16cd76be2c86bc19af1fd76ac0dbfa6bb16f29e3837fc94598b75 Any computer that...
MAL-2025-47218 Malicious code in @crowdstrike/logscale-parser-edit (npm)
Suspicious postinstall script executing bundle.js and bundle.js contains excessive unsigned bitwise math, indicating potential malware. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ff5e2fca0afc744f9b2cec20ddf740574c42864336447119ed7715555896bde9 Any computer that...
PT-2025-37967
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel’s io uring/kbuf subsystem related to signedness in the this len calculation. When importing and using buffers, the buf-len value is treated as unsigne...
CVE-2025-43321
The issue was resolved by blocking unsigned services from launching on Intel Macs. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to access protected user data...
CVE-2025-43321
The issue was resolved by blocking unsigned services from launching on Intel Macs. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. An app may be able to access protected user data...