Malicious Package

Overview dubbo-js-private-workspace is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious Package

Overview nad-home is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

Malicious Package

Overview smart-utils-alice is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview prod-natwest is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview elf-stats-whimsical-snowflake-250 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...

Malicious Package

Overview elf-stats-nutmeg-sleigh-350 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious Package

Overview sds-swissid-common is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious Package

Overview sds-oauth-client is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

PT-2025-51616

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the drm/amdgpu subsystem related to inconsistent spinlock usage between interrupt and process contexts within the userq fence driver. Specifically, th...

PT-2025-51376

Name of the Vulnerable Software and Affected Versions JetFormBuilder versions up to and including 3.5.3 Description The JetFormBuilder — Dynamic Blocks Form Builder plugin for WordPress has a flaw that allows unauthorized modification of data. A missing capability check on the run callback functi...

Linux Distros Unpatched Vulnerability : CVE-2025-68211

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksm: use range-walk function to jump over holes in scangetnextrmapitem Currently, scangetnextrmapitem walks every page address in a VMA to locate mergeable...

CVE-2025-66471

urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.0 and prior to 2.6.0, the Streaming API improperly handles highly compressed data. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than...

CVE-2025-66418

urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the decompression chain was unbounded allowing a malicious server to insert a virtually unlimited number of compression steps leading to high CPU usage and massive memory...

EUVD-2025-203376

An issue was discovered in allauth-django before 65.13.0. Both Okta and NetIQ were using preferredusername as the identifier for third-party provider accounts. That value may be mutable and should therefore be avoided for authorization decisions. The providers are now using sub instead...

Malicious Package

Overview bignumex is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

Malicious Package

Overview @revvity-signals/chemdraw-js is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious Package

Overview elf-stats-sugarplum-fireplace-278 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and...

编号撤回

req, etc. are products of roc individual developers. req is a simple Go HTTP client that uses Black Magic. brian smith ring, etc. are products of brian smith individual developers. ring is a library. ico doornekamp duc, etc. are products of Ico Ico Doornekamp duc and others are products of Ico...

编号撤回

req, etc. are products of roc individual developers. req is a simple Go HTTP client that uses Black Magic. brian smith ring, etc. are products of brian smith individual developers. ring is a library. ico doornekamp duc, etc. are products of Ico Ico Doornekamp duc and others are products of Ico...

openSUSE Security Advisory (SUSE-SU-2025:4390-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...