amdonov.ospackage-init:amdonov.ospackage-init.gradle.plugin (>=0.1.0 <=0.5.0), app.cash.backfila:client-misk-dynamodb (>=0.1.3-20210127.1838-76ab4fc <=0.1.4-20210806.0204-5341f38) +1646 more potentially affected by CVE-2026-3505 via org.bouncycastle:bcpg-jdk15on (>=1.46 <=1.70)

org.bouncycastle:bcpg-jdk15on MAVEN version =1.46, =0.1.0, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210127.1838-76ab4fc, =2023.06.07.114626-93b9d6f, =0.1.3-20210127.1838-76ab4fc, =0.1.4-20220614.0152-5ae0eef, =1.0.0-M6, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1-M3, =0.0.1-M19 and more...

PT-2026-6847

Impact What kind of vulnerability is it? Who is impacted? An Arbitrary File Write vulnerability has been identified in Microsoft's Semantic Kernel .NET SDK, specifically within the SessionsPythonPlugin. Developers who have built applications which include Microsoft's Semantic Kernel .NET SDK and...

CVE-2025-23086

On most desktop platforms, Brave Browser versions 1.70.x-1.73.x included a feature to show a site's origin on the OS-provided file selector dialog when a site prompts the user to upload or download a file. However the origin was not correctly inferred in some cases. When combined with an open...

EUVD-2020-28337

Malware in sbrugna...

EUVD-2000-0044

Malware in sbrugna...

EUVD-2006-5485

Malware in sbrugna...

EUVD-2025-3114

Malicious code in bioql PyPI...

CVE-2020-7203

A potential security vulnerability has been identified in HPE iLO Amplifier Pack server version 1.70. The vulnerability could be exploited to allow remote code execution...

Brave Browser 输入验证错误漏洞

Brave Browser is a fast, private and secure web browser for PC, Mac and mobile devices from Brave, Inc. An input validation error vulnerability exists in Brave Browser versions 1.70.x through 1.73.x. The vulnerability stems from the source of a site not being correctly identified in the file...

CVE-2021-23282 Stored Cross-site Scripting reported in Intelligent Power Manager v1

Eaton Intelligent Power Manager IPM prior to 1.70 is vulnerable to stored Cross site scripting. The vulnerability exists due to insufficient validation of input from certain resources by the IPM software. The attacker would need access to the local Subnet and an administrator interaction to...

`atty` is unmaintained

The maintainer of atty has published an official notice that the crate is no longer under development, and that users should instead rely on the functionality in the standard library's IsTerminal trait. Alternatives - std::io::IsTerminal - Stable since Rust 1.70.0 and the recommended replacement...

app.cash.backfila:client-misk (>=0.1.0 <=2023.11.24.141218-0357917), app.cash.backfila:client-misk-dynamodb (>=0.1.3-20210127.1838-76ab4fc <=0.1.4-20210806.0204-5341f38) +1453 more potentially affected by CVE-2023-33202 via org.bouncycastle:bcprov-ext-jdk15on (>=1.47 <=1.70)

org.bouncycastle:bcprov-ext-jdk15on MAVEN version =1.47, =0.1.0, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210127.1838-76ab4fc, =0.1.3-20210805.0116-93702c4, =0.1.3-20210805.0116-93702c4, =0.1.0, =2023.06.07.114626-93b9d6f, =0.1.0, =0.1.4-20220614.0152-5ae0eef, =3.0.1, =2.10.0-11-1, =1.1.5, =1.0.2,...

ae.vigilancer.android-run-app:ae.vigilancer.android-run-app.gradle.plugin (>=1.0.1 <=1.0.2), aero.m-click:mcpdf (>=0.2.3 <=0.2.10) +30303 more potentially affected by CVE-2023-33202 via org.bouncycastle:bcprov-jdk15on (>=1.46 <=1.70)

org.bouncycastle:bcprov-jdk15on MAVEN version =1.46, =1.0.1, =0.2.3, =4.4.0.0, =0.42.1, =0.1.12, =0.1.2, =0.28.0, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.3 and more Source cves: CVE-2023-33202 Source advisory: OSV:GHSA-WJXJ-5M7G-MG7Q...

Code injection

Wasmtime is a standalone runtime for WebAssembly. Prior to versions 6.0.2, 7.0.1, and 8.0.1, Wasmtime's implementation of managing per-instance state, such as tables and memories, contains LLVM-level undefined behavior. This undefined behavior was found to cause runtime-level issues when compiled...

Undefined Behavior in Rust runtime functions

Impact Wasmtime's implementation of managing per-instance state, such as tables and memories, contains LLVM-level undefined behavior. This undefined behavior was found to cause runtime-level issues when compiled with LLVM 16 which causes some writes, which are critical for correctness, to be...

PT-2022-25308 · Bd +1 · Bd Totalys Multiprocessor +1

Name of the Vulnerable Software and Affected Versions: BD Totalys MultiProcessor versions 1.70 and earlier Description: The issue concerns hardcoded credentials in the software, which could allow threat actors to access, modify, or delete sensitive information, including electronic protected heal...

BD Totalys MultiProcessor

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low attack complexity Vendor: Becton, Dickinson and Company BD Equipment: Totalys MultiProcessor Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access, modify, or...

GHSA-QVHF-3567-PC4V Sandbox bypass vulnerability in Script Security Plugin

Sandbox protection in Script Security Plugin 1.70 and earlier can be circumvented through: - Crafted constructor calls and bodies due to an incomplete fix of SECURITY-582 - Crafted method calls on objects that implement GroovyInterceptable This allows attackers able to specify and run sandboxed...

CVE-2021-23287

The vulnerability exists due to insufficient validation of input of certain resources within the IPM software. This issue affects: Intelligent Power Manager IPM 1 versions prior to 1.70...

Eaton Intelligent Power Manager 跨站脚本漏洞

Eaton Intelligent Power Manager IPM is an intelligent power manager from Eaton Corporation that supports remote monitoring and management of multiple devices in a network from an interface. A security vulnerability exists in Intelligent Power Manager IPM 1 versions prior to 1.70 that stems from...