Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Don't treat wb connector as physical in createvalidatestreamforsink Don't try to operate on a drmwbconnector as an amdgpudmconnector. While dereferencing aconnector-base will "work" it's wrong and might lead to...

MAL-2026-265 Malicious code in @wb-team/uikit-myteam-web (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fdf39991881d2a08d3aa421675b4c1a7b562a4b50c70e7d9c0f7bb54a0d8f0e4 The package @wb-team/uikit-myteam-web was found to contain malicious code. Source: ghsa-malware...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003783)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003783 advisory. A memory leak in the komedawbconnectoradd function in drivers/gpu/drm/arm/display/komeda/komedawbconnector.c in the Linux kernel before 5.3.8 allows attackers to cau...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992391)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992391 advisory. In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: Add 'plane' value check Function dispcovlsetup is not intended to work with the...

Malicious Package

Overview @wb-drive/icons is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

Malicious code in ctosec-appsec-wb-xray-adapters (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 71bd5cbfd64c9f4eec926fb0345f7a31ed5a012dfcf6182a0a550c2d3ad93240 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

EUVD-2025-200714

Malicious code in @wb-drive/icons npm...

Malicious code in @wb-drive/icons (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b963cc99aeb3b018cc92bf91e1468db917afc1b925c97a52799b987f8d46bc94 The package @wb-drive/icons was found to contain malicious code. Source: ghsa-malware 01c73b9d74d08599396bf602ee611ff710e750f219277fd8814584c4406eef8...

MAL-2025-191951 Malicious code in @wb-drive/icons (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b963cc99aeb3b018cc92bf91e1468db917afc1b925c97a52799b987f8d46bc94 The package @wb-drive/icons was found to contain malicious code. Source: ghsa-malware 01c73b9d74d08599396bf602ee611ff710e750f219277fd8814584c4406eef8...

EUVD-2010-1732

Malware in sbrugna...

EUVD-2007-1285

Malware in sbrugna...

EUVD-2009-4889

Malware in sbrugna...

EUVD-2009-0299

Malware in sbrugna...

EUVD-2025-19765

Malicious code in bioql PyPI...

Exploit for CVE-2025-39866

CVE-2025-39866 - use-after-free Author: Byte Reaper...

Security update for curl

This update for curl fixes the following issues: CVE-2025-9086: Fixed Out of bounds read for cookie path bsc1249191 CVE-2025-10148: Predictable WebSocket mask bsc1249348 Fix the --ftp-pasv option in curl v8.14.1 bsc1246197 tooloperate: fix return code when --retry is used but not triggered...

UBUNTU-CVE-2025-38098

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Don't treat wb connector as physical in createvalidatestreamforsink Don't try to operate on a drmwbconnector as an amdgpudmconnector. While dereferencing aconnector-base will "work" it's wrong and might lead to...

CVE-2025-38098

CVE-2025-38098 affects the Linux kernel’s DRM/AMD display path. The vulnerability stems from improper handling of a wb (writeback) connector and an amdgpu_dmConnector, where dereferencing aconnector->base could lead to unintended behavior. The issue is localized (requires local access) and the...

UBUNTU-CVE-2022-49995

In the Linux kernel, the following vulnerability has been resolved: writeback: avoid use-after-free after removing device When a disk is removed, bdiunregister gets called to stop further writeback and wait for associated delayed work to complete. However, wbinodewritebackend may schedule bandwid...

PT-2025-20502

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved by adding a check for the plane value in the dispc ovl setup function. The function is not intended to work with the value OMAP DSS ...