353 matches found
EUVD-2021-2306
Malware in sbrugna...
EUVD-2021-1891
Malware in sbrugna...
EUVD-2019-5997
Malware in sbrugna...
EUVD-2021-1912
Malware in sbrugna...
EUVD-2003-1023
Malware in sbrugna...
EUVD-2018-10111
Malware in sbrugna...
EUVD-2017-17262
Malware in sbrugna...
EUVD-2021-1890
Malware in sbrugna...
EUVD-2024-42135
Malicious code in bioql PyPI...
EUVD-2022-32815
Malicious code in bioql PyPI...
CVE-2024-41148 Unsafe use of eval() method in rostopic hz tool
A code injection vulnerability has been discovered in the Robot Operating System ROS 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability lies in the 'hz' verb, which reports the publishing rate of a topic and accepts a user-provided Python...
CVE-2024-41148
A code injection vulnerability has been discovered in the Robot Operating System ROS 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability lies in the 'hz' verb, which reports the publishing rate of a topic and accepts a user-provided Python...
CVE-2022-28369
Verizon 5G Home LVSKIHP InDoorUnit IDU 3.4.66.162 does not validate the user-provided URL within the crtcmode function's enablessh sub-operation of the crtcrpc JSON listener found at /lib/functions/wncjsonsh/crtcmode.sh A remote attacker on the local network can provide a malicious URL. The data...
CVE-2021-30456
An issue was discovered in the id-map crate through 2021-02-26 for Rust. A double free can occur in getorinsert upon a panic of a user-provided f function...
ejabberd -- mod_muc_occupantid: Fix handling multiple occupant-id
ejabberd team reports: Fixed issue with handling of user provided occupant-id in messages and presences sent to muc room. Server was replacing just first instance of occupant-id with its own version, leaving other ones untouched. That would mean that depending on order in which clients send...
SUSE CVE-2025-30223
Beego is an open-source web framework for the Go programming language. Prior to 2.3.6, a Cross-Site Scripting XSS vulnerability exists in Beego's RenderForm function due to improper HTML escaping of user-controlled data. This vulnerability allows attackers to inject malicious JavaScript code that...
GHSA-5W4J-F78P-4WH9 Libcontainer is affected by capabilities elevation similar to GHSA-f3fp-gc8g-vw66
Impact In libcontainer, while creating a tenant container, the tenant builder accepts a list of capabilities to be added in the spec of tenant container. Code can be seen here . The logic here adds the given capabilities to all capabilities of main container if present in spec, otherwise simply s...
SUSE CVE-2024-52559
In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: prevent integer overflow in msmioctlgemsubmit The "submit-cmdi.size" and "submit-cmdi.offset" variables are u32 values that come from the user via the submitlookupcmds function. This addition could lead to an integer...
CVE-2025-21787
CVE-2025-21787 affects the Linux kernel's team subsystem due to insufficient validation of TEAM_OPTION_TYPE_STRING in the net/TEAM code paths. The root cause is validated data handling in team_mode_get/ team_mode_option_set/ team_option_set, with inline occurrences in team_core.c:480, 607, 1401 a...
CVE-2025-21787 team: better TEAM_OPTION_TYPE_STRING validation
In the Linux kernel, the following vulnerability has been resolved: team: better TEAMOPTIONTYPESTRING validation syzbot reported following splat 1 Make sure user-provided data contains one nul byte. 1 BUG: KMSAN: uninit-value in stringnocheck lib/vsprintf.c:633 inline BUG: KMSAN: uninit-value in...