CVE-2023-53449

CVE-2023-53449 affects the Linux kernel in the s390/dasd area. The root cause was a potential memory leak in dasd_eckd_init() where dasd_reserve_req was allocated before dasd_vol_info_req and could not be freed on error. The fix ensures dasd_reserve_req is freed before error returns, matching the...

Malicious code in linghun-xiangyu-vol2 (npm)

The package linghun-xiangyu-vol2 was found to contain malicious code...

Malicious code in kssd-vol5-lang (npm)

The package kssd-vol5-lang was found to contain malicious code...

Malicious code in tujie-qimen-dunjia-daquan-vol3 (npm)

The package tujie-qimen-dunjia-daquan-vol3 was found to contain malicious code...

MAL-2025-45218 Malicious code in mofa-xuetu-vol3 (npm)

The package mofa-xuetu-vol3 was found to contain malicious code...

MAL-2025-44912 Malicious code in kssd-vol4-debug-demo (npm)

The package kssd-vol4-debug-demo was found to contain malicious code...

SUSE CVE-2025-38206

In the Linux kernel, the following vulnerability has been resolved: exfat: fix double free in delayedfree The double free could happen in the following path. exfatcreateupcasetable exfatcreateupcasetable : return error exfatfreeupcasetable : free -volutbl exfatloaddefaultupcasetable : return erro...

Malicious code in ytdl-vol (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c1dd6cf64d6aa793ef6c5994096a5eec3ba42a561c6194c2f8f63a215ec42f49 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-5589 Malicious code in ytdl-vol (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c1dd6cf64d6aa793ef6c5994096a5eec3ba42a561c6194c2f8f63a215ec42f49 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-50072

In the Linux kernel, the following vulnerability has been resolved: x86/bugs: Use code segment selector for VERW operand Robert Gill reported below GP in 32-bit mode when dosemu software was executing vm86 system call: general protection fault: 0000 1 PREEMPT SMP CPU: 4 PID: 4610 Comm: dosemu.bin...

MAL-2024-2125 Malicious code in down_load_ebook_ab_sofort_schwester_vol_15_by_nekotofu_taito_y_sonja_r_manga_jam_session_f_207ql (npm)

--- -= Per source details. Do not edit below this line.=-...

vol-a-vue.com Improper Access Control vulnerability OBB-3815423

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

SUSE CVE-2014-8135

The storageVolUpload function in storage/storagedriver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service NULL pointer dereference and daemon crash via a crafted offset value in a "virsh vol-upload" command...

PT-2023-10600 · Insteon · Insteon Hub

Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012 Description: The issue concerns a buffer overflow vulnerability in the PubNub message handler for the "cc" channel. It can be triggered by sending specially crafted commands through the PubNub service, causing a...

PT-2018-6272 · Insteon · Insteon Hub

Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012 Description: The issue allows an attacker to send an authenticated HTTP request to trigger a buffer overflow. Specifically, the value for the s vol brt delta key is copied using strcpy to a buffer at address 0xa000051...

PT-2018-6271 · Insteon · Insteon Hub

Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012 Description: The issue allows an attacker to send an authenticated HTTP request to trigger a buffer overflow. Specifically, the value for the s vol dim delta key is copied using strcpy to a buffer at address 0xa000051...

PT-2018-6276 · Insteon · Insteon Hub

Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012 Description: An attacker could send an authenticated HTTP request to trigger this issue in Insteon Hub. The value for the s vol key is copied using strcpy to the buffer at 0xa0001700. This buffer is maximum 12 bytes...

meteo-sciez.com XSS vulnerability

Open Bug Bounty ID: OBB-596354 Description| Value ---|--- Affected Website:| meteo-sciez.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Weaphones™ Gun Sim Free Vol 1 - Dangerous filesystem permissions, Insecure KeyStore vulnerabilities

HackApp vulnerability scanner discovered that application Weaphones™ Gun Sim Free Vol 1 published at the 'play' market has multiple vulnerabilities...

Plus Video Vol.2( plugin app) - Exported components, SD-card access, Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application Plus Video Vol.2 plugin app published at the 'play' market has multiple vulnerabilities...