CVE-2026-8479

IEC 60870-5-104 used in bidirectional mode in RTU500 is vulnerable for a NULL pointer dereferencing, if a specially crafted sequence of messages is sent for a certain time, causing Denial of Service impact. Product is only affected if IEC 60870-5-104 functionality in bidirectional mode BCI is...

Astra Linux - уязвимость в chromium

Before version 104.0.5112.79, using Nearby Share in Google Chrome on Chrome OS allowed a remote attacker who convinced a user to engage in certain user interactions to potentially exploit heap corruption through specific UI interactions...

Astra Linux - уязвимость в chromium

Inappropriate implementation in the Fullscreen API in Google Chrome on Android prior to 104.0.5112.79 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page...

Astra Linux - уязвимость в chromium

In the Sign-In Flow in Google Chrome, using after free before version 104.0.5112.79 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

Astra Linux - уязвимость в chromium

Insufficient policy enforcement in cookies in Google Chrome prior to version 104.0.5112.101 allowed a remote attacker to bypass cookie prefix restrictions through a crafted HTML page...

Astra Linux - уязвимость в firefox, thunderbird

Mozilla developer Nika Layzell and the Mozilla Fuzzing Team reported memory safety bugs in Firefox 103 and Firefox ESR 102.1. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code...

Astra Linux – Vulnerability in Firefox

An attacker could have written a value to the first element of a zero-length JavaScript array. Although the array was zero-length, the value was not written to an invalid memory address. This vulnerability affects Firefox versions earlier than 104...

CVE-2026-1773

IEC 60870-5-104 used in RTU500: Potential Denial of Service impact on reception of invalid U-format frame. Product is only affected if IEC 60870-5-104 bi-directional functionality is configured. Enabling secure communication following IEC 62351-3 does not remediate the vulnerability but mitigates...

CVE-2025-69287 BSV Blockchain SDK has an Authentication Signature Data Preparation Vulnerability

The BSV Blockchain SDK is a unified TypeScript SDK for developing scalable apps on the BSV Blockchain. Prior to version 2.0.0, a cryptographic vulnerability in the TypeScript SDK's BRC-104 authentication implementation caused incorrect signature data preparation, resulting in signature...

GHSA-VJPQ-XX5G-QVMM BSV Blockchain SDK has an Authentication Signature Data Preparation Vulnerability

BRC-104 Authentication Signature Data Preparation Vulnerability Summary A critical cryptographic vulnerability in the TypeScript SDK's BRC-104 authentication implementation caused incorrect signature data preparation, resulting in signature incompatibility between SDK implementations and potentia...

PT-2026-20262

Name of the Vulnerable Software and Affected Versions BSV Blockchain SDK versions prior to 2.0.0 Description A cryptographic issue exists in the BSV Blockchain SDK's BRC-104 authentication implementation. Specifically, incorrect signature data preparation in the Peer.ts file, within the...

CVE-2026-2034

creationtimestamp| type| source ---|---|--- 2026-02-13 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-26-104/ 2026-02-21 00:03:09+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfdd3nptwd2h 2026-02-26 03:00:15+00:00| seen|...

Google Chrome < 104.0.5112.102 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 104.0.5112.102. It is, therefore, affected by multiple vulnerabilities as referenced in the 202208stable-channel-update-for-desktop16 advisory. - Use after free in Browser Creation in Google Chrome prior to 104.0.5112.1...

MiracleLinux 8 : grafana-pcp-5.1.1-11.el8_10 (AXSA:2026-104:01)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2026-104:01 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 Tenable has extracted the preceding...

CVE-2022-38475

An attacker could have written a value to the first element in a zero-length JavaScript array. Although the array was zero-length, the value was not written to an invalid memory address. This vulnerability affects Firefox 104...

CVE-2024-9684

FreyrSCADA/IEC-60870-5-104 server v21.06.008 is affected by a denial-of-service vulnerability triggered by specific message sequences. Root cause relates to how the server handles certain sequences, leading to an availability impact. The CVE is referenced across multiple sources (NVD, CVE List, C...

Malicious code in elf-stats-snowdusted-bauble-104 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32651013dbe2e3fdb98e6eddaa6dad8fd1be541a944f75947158171794560bdd The package elf-stats-snowdusted-bauble-104 was found to contain malicious code...

MAL-2025-192139 Malicious code in elf-stats-snowdusted-bauble-104 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 32651013dbe2e3fdb98e6eddaa6dad8fd1be541a944f75947158171794560bdd The package elf-stats-snowdusted-bauble-104 was found to contain malicious code...

MAL-2025-174620 Malicious code in hitachi-poke104 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2d56ea2564e895cc8bb966113b086b57df39d52d897b2457fad5cc3217308453 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

MAL-2025-155667 Malicious code in hariyono-104 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02b8041ffbfdc322c3d9f432ae1559c3d5b02ea2fb1e935e000499629aa409b9 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...