13369 matches found
GO-2025-4006 Excessive CPU consumption in ParseAddress in net/mail
The ParseAddress function constructs domain-literal address components through repeated string concatenation. When parsing large domain-literal components, this can cause excessive CPU consumption...
Malicious Package
Overview tps-lookup is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Malicious Package
Overview kubernetes-agent is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview twilio-live-interactive-audio is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
Malicious Package
Overview replit-desktop-release-server is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
ROS-20251029-04
A plug-in vulnerability in the Grafana-Zabbix web-based data submission tool is related to maximum CPU utilization. Exploitation of the vulnerability could allow an attacker due to a custom request with a regular expression, acting remotely, to cause a denial of service...
Google Go 安全漏洞
Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google, Inc USA. A security vulnerability exists in Google Go, which stems from the ParseAddress function constructing a domain literal address component by repeating string concatenation...
Google Go 安全漏洞
Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google, Inc. A security vulnerability exists in Google Go, which stems from the Reader.ReadResponse function constructing a response string by concatenating repetitive strings, which may...
Siemens SIMATIC Devices Improper Validation of Specified Type of Input (CVE-2024-33621)
In the Linux kernel, the following vulnerability has been resolved: ipvlan: Dont Use skb-sk in ipvlanprocessv4 / 6outbound. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc...
Google Go 安全漏洞
Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google, Inc USA. A security vulnerability exists in Google Go, which stems from the HTTP server parsing a large number of small cookies without limiting the number, which could lead to...
Gitbook
Personal Pentesting Knowledge Base 👋 Welcome! This reposit...
Malicious Package
Overview func-analysist is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview react-ipack is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...
Malicious Package
Overview fzreo-trading-sdk is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview @jameson777/mytest7 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview @jameson777/mytest4 is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview cp2-shared-components is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview isg-iwp-web-client is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview shopify-ruby is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious Package
Overview deere-ui-namespace is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...