EUVD-2025-5743

Malicious code in bioql PyPI...

EUVD-2025-25664

Malicious code in bioql PyPI...

RHEL 8 : kpatch-patch-4_18_0-553_16_1, kpatch-patch-4_18_0-553_30_1, kpatch-patch-4_18_0-553_40_1, kpatch-patch-4_18_0-553_53_1, and kpatch-patch-4_18_0-553_72_1 (RHSA-2025:16582)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:16582 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patc...

RHEL 8 : kernel (RHSA-2025:14511)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14511 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: peakusb: fix use after...

Malicious code in availab-le-alb-um-zip-349816-when-smoke-rises-ovwzf-uadxbi (npm)

The package availab-le-alb-um-zip-349816-when-smoke-rises-ovwzf-uadxbi was found to contain malicious code...

MAL-2025-15159 Malicious code in availab-le-alb-um-zip-349816-when-smoke-rises-ovwzf-uadxbi (npm)

The package availab-le-alb-um-zip-349816-when-smoke-rises-ovwzf-uadxbi was found to contain malicious code...

SUSE CVE-2025-8881

Inappropriate implementation in File Picker in Google Chrome prior to 139.0.7258.127 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from mac80211 Unuploaded STA may cause a crash when refreshed...

CVE-2025-23484

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cojecto Predict When predict-when allows Reflected XSS.This issue affects Predict When: from n/a through = 1.3...

CVE-2025-23484 WordPress Predict When plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cojecto Predict When predict-when allows Reflected XSS.This issue affects Predict When: from n/a through = 1.3...

CVE-2025-23484

CVE-2025-23484 affects the WordPress Predict When plugin (versions

WordPress plugin Predict When 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the mtk-vcodec-dec.ko module that can cause the kernel to crash when removed...

PT-2025-4737 · Unknown +1 · Go Crypto/X509 Library +1

Name of the Vulnerable Software and Affected Versions: Go crypto/x509 library affected versions not specified Description: The issue is related to the incorrect handling of syntactically incorrect structures by the ParsePKCS1PrivateKey function in the Go crypto/x509 library. This could allow a...

WordPress Predict When plugin <= 1.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Predict When versions = 1.3...

CVE-2020-1821

CVE-2020-1821 concerns Huawei devices implementing the Common Open Policy Service (COPS) protocol. The vulnerability is an out-of-bounds read in the COPS decoding function when processing an incoming data packet, potentially causing a disruption of service on affected devices. The issue is part o...

SUSE CVE-2024-56532

In the Linux kernel, the following vulnerability has been resolved: ALSA: us122l: Use sndcardfreewhenclosed at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses sndcardfree at disconnection, but this waits for the close of all...

UBUNTU-CVE-2024-56532

In the Linux kernel, the following vulnerability has been resolved: ALSA: us122l: Use sndcardfreewhenclosed at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses sndcardfree at disconnection, but this waits for the close of all...

UBUNTU-CVE-2024-56533

In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Use sndcardfreewhenclosed at disconnection The USB disconnect callback is supposed to be short and not too-long waiting. OTOH, the current code uses sndcardfree at disconnection, but this waits for the close of all...

MAL-2024-12212 Malicious code in backwwii (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 cf5e7427061483e779c53f125b5792b2e650261bcdca0a9f4d90e9ca883c04d0 When importing the module, the obfuscated code downloads and runs a remote executable --- Category: MALICIOUS - The campaign has clearly malicious intent, like...