14 matches found
Malicious Package
Overview tether-wrk-base is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2026-2663 Malicious code in tether-wrk-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e816f71a9a4581a5adacb19f57871ba8a9118bb980fbcb97c74d6b601a7e517f The package tether-wrk-base was found to contain malicious code. Source: ghsa-malware dd91537dad139a68aee6f4c63c4f9afb6bd315f2d76ee0e8e998dde7a421ef4...
Malicious code in pear-wrk-wdk (npm)
The package 'pear-wrk-wdk' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.com...
MAL-2026-1547 Malicious code in pear-wrk-wdk (npm)
The package 'pear-wrk-wdk' is part of the PhantomRaven supply chain attack campaign Wave 2. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server npm.jpartifacts.com...
CVE-2024-26615
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmbdesc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smcrun nginx smcrun wrk -t 16 -c 1000 -d -H 'Connection...
CVE-2024-26615 net/smc: fix illegal rmb_desc access in SMC-D connection dump
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmbdesc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smcrun nginx smcrun wrk -t 16 -c 1000 -d -H 'Connection...
CVE-2024-26615 net/smc: fix illegal rmb_desc access in SMC-D connection dump
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix illegal rmbdesc access in SMC-D connection dump A crash was found when dumping SMC-D connections. It can be reproduced by following steps: - run nginx/wrk test: smcrun nginx smcrun wrk -t 16 -c 1000 -d -H 'Connection...
CVE-2024-26615
CVE-2024-26615 affects the Linux kernel net/smc code. A crash from NULL pointer dereference occurs when dumping SMC-D connections due to illegal rmb_desc access to conn->rmb_desc during an in-progress connection. The issue is fixed by adding a check before dumping to ensure rmb_desc has been i...
Malicious code in bfx-wrk-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b54ff6b143e8eecf8e17207a560598b418779ac91a0e81e65d9950419b345f2f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in bfx-wrk-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 295522a655137b659a0339262d91f43a4c5fbb0ea67c505b5fb2f5eeaf233756 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1555 Malicious code in bfx-wrk-api (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b54ff6b143e8eecf8e17207a560598b418779ac91a0e81e65d9950419b345f2f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-1556 Malicious code in bfx-wrk-base (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 295522a655137b659a0339262d91f43a4c5fbb0ea67c505b5fb2f5eeaf233756 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ufx-lib-wrk-state (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 93dbdb87964693e2be577648a1210a3a83a44d0dc203d9b78ab1821e3a74b17d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6739 Malicious code in ufx-lib-wrk-state (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 93dbdb87964693e2be577648a1210a3a83a44d0dc203d9b78ab1821e3a74b17d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...