Malicious code in web-driver-wrapper (npm)

The package web-driver-wrapper was found to contain malicious code...

Malicious code in email-service-wrapper (npm)

The package email-service-wrapper was found to contain malicious code...

MAL-2025-38970 Malicious code in web-driver-wrapper (npm)

The package web-driver-wrapper was found to contain malicious code...

MAL-2025-29650 Malicious code in primedio-api-wrapper (npm)

The package primedio-api-wrapper was found to contain malicious code...

MAL-2025-16200 Malicious code in browser-wrapper (npm)

The package browser-wrapper was found to contain malicious code...

MAL-2025-19552 Malicious code in email-service-wrapper (npm)

The package email-service-wrapper was found to contain malicious code...

Malicious code in level-json-wrapper (npm)

The package level-json-wrapper was found to contain malicious code...

Malicious code in browser-wrapper (npm)

The package browser-wrapper was found to contain malicious code...

Malicious code in primedio-api-wrapper (npm)

The package primedio-api-wrapper was found to contain malicious code...

BIT-LIBPHP-2025-1736 Stream HTTP wrapper header check might omit basic auth header

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when user-supplied headers are sent, the insufficient validation of the end-of-line characters may prevent certain headers from being sent or lead to certain headers be misinterpreted...

BIT-LIBPHP-2025-1734 Streams HTTP wrapper does not fail for headers with invalid name and no colon

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when receiving headers from HTTP server, the headers missing a colon : are treated as valid headers even though they are not. This may confuse applications into accepting invalid headers...

BIT-LIBPHP-2025-1217 Header parser of http stream wrapper does not handle folded headers

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when http request module parses HTTP response obtained from a server, folded headers are parsed incorrectly, which may lead to misinterpreting the response and using incorrect headers, MIME...

BIT-LIBPHP-2022-31628 phar wrapper can occur dos when using quine gzip file

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop...

Exploit for Incorrect Authorization in Sudo_Project Sudo

sudo CVE-2025 Toolkit Unified scanner, benign proof-of-...

Linux Distros Unpatched Vulnerability : CVE-2023-23598

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website coul...

Linux Distros Unpatched Vulnerability : CVE-2023-21102

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In efirtasmwrapper of efi-rt-wrapper.S, there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local...

CVE-2025-54780 glpi-screenshot-plugin exposes local files in /ajax/screenshot.php

The glpi-screenshot-plugin allows users to take screenshots or screens recording directly from GLPI. In versions below 2.0.2, authenticated user can use the /ajax/screenshot.php endpoint to leak files from the system or use PHP wrappers. This is fixed in version 2.0.2...

RockyLinux 9 : php:8.2 (RLSA-2025:7432)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:7432 advisory. php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with convert.quoted-printable-deco...

RLSA-2025:4263 Moderate: php:8.1 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233 php: Configuring ...

php:8.2 security update

An update is available for php-pecl-zip, module.php-pecl-apcu, php-pecl-xdebug3, module.php, module.php-pecl-xdebug3, php-pecl-rrd, php, module.php-pecl-zip, php-pecl-apcu, module.php-pecl-rrd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a...