MAL-2025-150845 Malicious code in @miptaa02/mqhg (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4ca38583daa1baf5164468b9b342771b047ad6f71ce8c352053412de8d931fbf This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-129027 Malicious code in ocha-gorengan6-wekto (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 91699d4c14662e29837bd5596e957bc2939b6be60c8bfe3d167ed73992f31dc3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

Malicious code in ida-jengkol6-breki (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e4cf132791de236969a1e23153cf90f1079dc7085c6f1c88c91275d981642847 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-82430 Malicious code in xaver-kentang79-sukiwir (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 35e7f1ac1a765710f2fc40d771e287f6b3c1853e47b11b86baf997358868a777 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-60766 Malicious code in linguistic_mule_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b05b9385fe709ec259900e1a5d2a7029174c1cb1c3c5810f44362dd455730482 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

TencentOS Server 3: python3.12 (TSSA-2024:0513)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0513 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Alibaba Cloud Linux 3 : 0076: xorg-x11-server-Xwayland (ALINUX3-SA-2025:0076)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0076 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-9632: A flaw was found in the X.o...

Photon OS 5.0: Bindutils PHSA-2025-5.0-0511

An update of the bindutils package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0511. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Fedora 40 : nodejs-nodemon (2025-9a278a7768)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-9a278a7768 advisory. Added patch for CVE-2024-4068 rhbz2280624 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

Debian: Security Advisory (DLA-4065-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ROS-2-1945

2.1945 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to perform a denial-of-service DoS attack.Identifier of the Information Security Threat Data Bank of the...

ROS-2-1195

2.1195 Multiple vulnerabilities in Squid CVE-2021-28651, CVE-2021-28662, CVE-2021-28652, CVE-2021-31806, CVE-2021-31808 1. Vulnerability Description: The vulnerability allows a remote attacker to execute a denial-of-service DoS attack.Identifier of the Information Security Threats Data Bank of th...

ROS-2-1845

2.1845 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user-entered data when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the...

CVE-2016-10305

Trango Apex = 2.1.1, ApexLynx 2.0, ApexOrion 2.0, ApexPlus = 3.2.0, Giga = 2.6.1, GigaLynx 2.0, GigaOrion 2.0, GigaPlus = 3.2.3, GigaPro = 1.4.1, StrataLink 3.0, and StrataPro devices have a built-in, hidden root account, with a default password that was once stored in cleartext within a software...

FreeBSD Ports: firefox

The remote host is missing an update to the system as announced in the referenced advisory. VID 3b18e237-2f15-11de-9672-0030843d3802 OpenVAS Vulnerability Test $ Description: Auto generated from VID 3b18e237-2f15-11de-9672-0030843d3802 Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

DSA-1485-2 icedove - several vulnerabilities

Bulletin has no description...