Lucene search
K

6 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/12 4:29 a.m.4 views

Malicious code in bulma-antares-update-node-sass (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector da90409dae49766f73cccce1aa6e68c01b0cdeb89095c307fa9ed01a6e3d9d85 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-48425

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A segmentation fault SEGV was detected in the Assimp::SplitLargeMeshesProcessTriangle::UpdateNode function within the Assimp library during fuzz testing using...

5.5CVSS6.5AI score0.00239EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.11 views

The vulnerability of the Assimp::SplitLargeMeshesProcess_Triangle::UpdateNode() function in the Open Asset Import Library (Assimp) import library allows a malicious actor to trigger a denial-of-service attack.

The vulnerability of the OpenDDLParser::parseStructure function in the Open Asset Import Library Assimp import library is related to the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.2AI score0.00239EPSS
Exploits1References5Affected Software3
OSV
OSV
added 2024/10/24 9:15 p.m.2 views

DEBIAN-CVE-2024-48425

A segmentation fault SEGV was detected in the Assimp::SplitLargeMeshesProcessTriangle::UpdateNode function within the Assimp library during fuzz testing using AddressSanitizer. The crash occurs due to a read access violation at address 0x000000000460, which points to the zero page, indicating a...

5.5CVSS5.8AI score0.00239EPSS
Exploits1References1
OSV
OSV
added 2024/10/24 9:15 p.m.3 views

UBUNTU-CVE-2024-48425

A segmentation fault SEGV was detected in the Assimp::SplitLargeMeshesProcessTriangle::UpdateNode function within the Assimp library during fuzz testing using AddressSanitizer. The crash occurs due to a read access violation at address 0x000000000460, which points to the zero page, indicating a...

5.5CVSS6.6AI score0.00239EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/09/23 12:0 a.m.8 views

PT-2022-6180 · Node.Js +8 · Node +8

Name of the Vulnerable Software and Affected Versions: Node versions 18.7.0 Description: The issue is related to the llhttp parser in the http module, which does not correctly handle header fields that are not terminated with CLRF, potentially resulting in HTTP Request Smuggling. There is also a...

10CVSS7.3AI score0.77385EPSS
Exploits29References293
Rows per page
Query Builder