app.cash.bittycity:outie (=0.0.1), app.cash.bittycity:outie-jooq-provider (=0.0.1) +1436 more potentially affected by CVE-2026-5598 via org.bouncycastle:bcprov-jdk15to18 (>=1.71 <=1.83)

org.bouncycastle:bcprov-jdk15to18 MAVEN version =1.71, =0.0.2, =0.0.2.1, =0.2.9, =0.2.8, =0.2.8, =0.2.8, =0.1.0-M36, =0.1.0-M27, =1.0.1, =3.5.0.0, =3.5.5.3 - cn.lnkdoc.sdk:awesome-uia-alipay-sdk =3.0.0-RC1 - cn.lnkdoc.sdk:awesome-uia-alipay-sdk-solon-boot-2-starter =3.0.0-RC1 and more Source cves...

app.cash.backfila:client-misk-hibernate (>=2025.05.13.195510-03b951f <=2026.03.26.140500-911435f), app.cash.backfila:service (>=2025.05.13.195510-03b951f <=2026.03.26.140500-911435f) +1011 more potentially affected by CVE-2026-3505 via org.bouncycastle:bcpg-jdk18on (>=1.71 <=1.83)

org.bouncycastle:bcpg-jdk18on MAVEN version =1.71, =2025.05.13.195510-03b951f, =2025.05.13.195510-03b951f, =2025.05.13.195510-03b951f, =1.0.0, =1.0.0, =1.1, =1.5.0, =0.1.0, =4.0.0, =7.0.0 and more Source cves: CVE-2026-3505 Source advisory: OSV:GHSA-CJ8J-37RH-8475...

Bouncy Castle Has Covert Timing Channel Vulnerability

Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all core modules. This vulnerability is associated with program files FrodoEngine.Java. This issue affects BC-JAVA: from 1.71 before 1.84...

io.github.jinahya:jinahya-bcprov (=0.0.1), org.apache.camel.karaf:camel-as2 (>=4.7.0 <=4.10.7) +14 more potentially affected by CVE-2025-14813 via org.bouncycastle:bcprov-debug-jdk18on (>=1.71 <=1.83)

org.bouncycastle:bcprov-debug-jdk18on MAVEN version =1.71, =4.7.0, =4.7.0, =3.0.0-M1, =3.0.0-M1, =3.2.0, =3.18.0, =3.18.0, =3.18.0, =1.81, =1.81, =1.81, =1.81, =1.81, =1.81, =1.83 and more Source cves: CVE-2025-14813 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16075263...

app.cash.bittycity:outie (=0.0.1), app.cash.bittycity:outie-jooq-provider (=0.0.1) +1436 more potentially affected by CVE-2026-5598 via org.bouncycastle:bcprov-jdk15to18 (>=1.71 <=1.83)

org.bouncycastle:bcprov-jdk15to18 MAVEN version =1.71, =0.0.2, =0.0.2.1, =0.2.9, =0.2.8, =0.2.8, =0.2.8, =0.1.0-M36, =0.1.0-M27, =1.0.1, =3.5.0.0, =3.5.5.3 - cn.lnkdoc.sdk:awesome-uia-alipay-sdk =3.0.0-RC1 - cn.lnkdoc.sdk:awesome-uia-alipay-sdk-solon-boot-2-starter =3.0.0-RC1 and more Source cves...

app.cash.backfila:client-misk-hibernate (>=2025.05.13.195510-03b951f <=2026.03.26.140500-911435f), app.cash.backfila:service (>=2025.05.13.195510-03b951f <=2026.03.26.140500-911435f) +1011 more potentially affected by CVE-2026-3505 via org.bouncycastle:bcpg-jdk18on (>=1.71 <=1.83)

org.bouncycastle:bcpg-jdk18on MAVEN version =1.71, =2025.05.13.195510-03b951f, =2025.05.13.195510-03b951f, =2025.05.13.195510-03b951f, =1.0.0, =1.0.0, =1.1, =1.5.0, =0.1.0, =4.0.0, =7.0.0 and more Source cves: CVE-2026-3505 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16073606...

io.github.coffee330501:internal-call (>=1.0.4 <=1.1.0), org.bouncycastle:bcmail-jdk14 (>=1.71 <=1.83) +12 more potentially affected by CVE-2026-5598 via org.bouncycastle:bcprov-jdk14 (>=1.71 <=1.83)

org.bouncycastle:bcprov-jdk14 MAVEN version =1.71, =1.0.4, =1.71, =1.71, =1.71, =1.71, =1.71, =0.2.5, =1.0.1-rc.1, =9.2.0, =9.2.0, =9.2.0, =9.2.0, =9.2.0, =9.3.2 Source cves: CVE-2026-5598 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16074610...

ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-router-llm-in-spring-cloud-gateway-demo (=0.1.0) +12656 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcprov-jdk18on (>=1.71 <=1.78.1)

org.bouncycastle:bcprov-jdk18on MAVEN version =1.71, =0.2.0, =0.31.0, =0.5.0, =0.6.0, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.8.7 and more Source cves: CVE-2025-8916 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11789695...

WordPress plugin WPB Category Slider for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2002-2362

Cross-site scripting XSS vulnerability in formheader.php in MyMarket 1.71 allows remote attackers to inject arbitrary web script or HTML via the noticemsg parameter...

PT-2024-11583 · Eaton · Ipp

Name of the Vulnerable Software and Affected Versions: IPP versions prior to v1.71 Description: The issue is related to insufficient verification of data authenticity, causing the software to accept invalid data. This affects multiple versions of the Eaton products. Recommendations: For versions...

Eaton IPP 安全漏洞

Eaton IPP is a power management software from Eaton Corporation USA. A security vulnerability exists in Eaton IPP versions prior to v1.71 that stems from the presence of a default credentials issue that could lead an attacker to identify and access vulnerable systems...

PT-2024-11584 · Ipp · Ipp

Name of the Vulnerable Software and Affected Versions: IPP software versions prior to 1.71 Description: The issue is related to a default credential vulnerability. This could lead attackers to identify and access vulnerable systems. Recommendations: For versions prior to 1.71, update to version...

ai.driftkit:driftkit-context-engineering-spring-ai-starter (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-context-engineering-spring-boot-starter (>=0.5.0 <=0.8.7) +7626 more potentially affected by CVE-2024-30171 via org.bouncycastle:bcprov-jdk18on (>=1.71 <=1.77)

org.bouncycastle:bcprov-jdk18on MAVEN version =1.71, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.4.0, =1.2.0, =1.2.0-alpha07, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2025.05.12.160240-6152e21 and more Source cves: CVE-2024-30171 Source...

androidx.car.app:app-testing (>=1.4.0 <=1.4.0-rc02), androidx.media3:media3-test-utils-robolectric (>=1.2.0 <=1.2.1) +3387 more potentially affected by CVE-2023-33201 via org.bouncycastle:bcprov-jdk18on (>=1.71 <=1.73)

org.bouncycastle:bcprov-jdk18on MAVEN version =1.71, =1.4.0, =1.2.0, =1.2.0-alpha07, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =0.1.0-M2, =1.6.0, =0.8.1, =0.5.0, =4.8.3, =1.4.0, =2.1.0 -...

GHSA-QVHF-3567-PC4V Sandbox bypass vulnerability in Script Security Plugin

Sandbox protection in Script Security Plugin 1.70 and earlier can be circumvented through: - Crafted constructor calls and bodies due to an incomplete fix of SECURITY-582 - Crafted method calls on objects that implement GroovyInterceptable This allows attackers able to specify and run sandboxed...

jenkins-script-security-plugin: sandbox protection bypass via crafted constructor calls and crafted constructor bodies

Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier could be circumvented through crafted constructor calls and crafted constructor bodies...

CVE-2011-2706

A Cross-Site Scripting XSS vulnerability exists in the reorder administrator functions in sNews 1.71...

Cross site scripting

A Cross-Site Scripting XSS vulnerability exists in the reorder administrator functions in sNews 1.71...

CVE-2011-2706

The CVE-2011-2706 entry describes an XSS vulnerability in the reorder administrator functions of sNews 1.71. Affected software: sNews (version 1.71). Vulnerable component: the reorder administrator functionality, with cross-site scripting possible through that pathway. Exploitation details, speci...