taky-cache-loop (=0.0.1), taky-redis-throttle (=0.0.1) potentially affected by unknown CVE via every-time (=0.0.0)

every-time NPM version =0.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on every-time and may be impacted: - taky-cache-loop =0.0.1 - taky-redis-throttle =0.0.1 Source cves: unknown CVE Source advisory: OSV:MAL-2025-19990...

CVE-2018-19990

In the /HNAP1/SetWiFiVerifyAlpha message, the WPSPIN parameter is vulnerable, and the vulnerability affects D-Link DIR-822 B1 202KRb06 devices. In the SetWiFiVerifyAlpha.php source code, the WPSPIN parameter is saved in the $rphyinf1."/media/wps/enrollee/pin" and $rphyinf2."/media/wps/enrollee/pi...

CVE-2019-19990

CVE-2019-19990 concerns a stored XSS vulnerability in Selesta Visual Access Manager (VAM) versions 4.15.0 through 4.29. The issue enables remote authenticated users to inject arbitrary web script/HTML via the pages /monitor/s_headmodel.php and /vam/vam_user.php , due to lack of proper validation ...

CVE-2018-19990

In the /HNAP1/SetWiFiVerifyAlpha message, the WPSPIN parameter is vulnerable, and the vulnerability affects D-Link DIR-822 B1 202KRb06 devices. In the SetWiFiVerifyAlpha.php source code, the WPSPIN parameter is saved in the $rphyinf1."/media/wps/enrollee/pin" and $rphyinf2."/media/wps/enrollee/pi...

CVE-2018-19990

CVE-2018-19990 concerns D-Link DIR-822 B1 202KRb06 where /HNAP1/SetWiFiVerifyAlpha processes WPSPIN in XML and stores it in internal memory without input validation; the do_wps path uses that value with an insecure wpatalk flow. Public references also tag related issues (e.g., CVE-2018-19986) in ...

CVE-2018-19990

In the /HNAP1/SetWiFiVerifyAlpha message, the WPSPIN parameter is vulnerable, and the vulnerability affects D-Link DIR-822 B1 202KRb06 devices. In the SetWiFiVerifyAlpha.php source code, the WPSPIN parameter is saved in the $rphyinf1."/media/wps/enrollee/pin" and $rphyinf2."/media/wps/enrollee/pi...