582 matches found
CVE-2026-32148 Lockfile checksums not verified in Hex allows dependency integrity bypass
Insufficient Verification of Data Authenticity vulnerability in hexpm hex Hex.RemoteConverger module allows dependency integrity bypass via unverified lockfile checksums. Hex stores checksums for dependencies in the mix.lock file to ensure reproducible and integrity-checked builds. However,...
EEF-CVE-2026-32148 Lockfile checksums not verified in Hex allows dependency integrity bypass
Summary Insufficient Verification of Data Authenticity vulnerability in hexpm hex Hex.RemoteConverger module allows dependency integrity bypass via unverified lockfile checksums. Hex stores checksums for dependencies in the mix.lock file to ensure reproducible and integrity-checked builds. Howeve...
PT-2026-36158
Name of the Vulnerable Software and Affected Versions hex versions 0.16.0 through 2.4.1 Description Insufficient Verification of Data Authenticity in the Hex.RemoteConverger module allows for a dependency integrity bypass. The Hex.RemoteConverger.verify resolved/2 function fails to execute checks...
CVE-2026-41126 BigBlueButton has Open Redirect through bigbluebutton/api/join via get-parameter "logoutURL"
BigBlueButton is an open-source virtual classroom. Versions prior to 3.0.24 have an Open Redirect through bigbluebutton/api/join via get-parameter "logoutURL." Version 3.0.24 has adjusted the handling of requests with incorrect checksum so that the default logoutURL is used. No known workarounds...
PT-2026-34217
Name of the Vulnerable Software and Affected Versions BigBlueButton versions prior to 3.0.24 Description An open redirect exists in the 'bigbluebutton/api/join' endpoint through the logoutURL parameter. This occurs when requests with incorrect checksums are handled improperly, allowing a redirect...
Microsoft Devices Pricing Program Code Issue Vulnerability
The Microsoft Devices Pricing Program is Microsoft's exclusive device purchasing and pricing mechanism for enterprise customers, partners, or select channels to enjoy customized pricing, terms of business, and support for volume purchases of Surface Series devices such as Surface Laptop, Surface...
CLSA-2026-1770216227 nodejs: Fix of CVE-2023-38552
CVE-2023-38552: prevent application from intercepting integrity check operation and returning forged checksum...
EulerOS Virtualization 2.10.0 : rsync (EulerOS-SA-2026-1196)
According to the versions of the rsync package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destinati...
CVE-2018-1000891
Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when receiving messages with invalid checksums...
CVE-2023-54080
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: skip splitting and logical rewriting on pre-alloc write When doing a relocation, there is a chance that at the time of btrfsrelocclonecsums, there is no checksum for the corresponding region. In this case,...
EulerOS Virtualization 2.13.1 : krb5 (EulerOS-SA-2025-2547)
According to the versions of the krb5 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesse...
JLSEC-2025-325 A flaw was found in rsync
A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare wi...
EUVD-2017-7410
Malware in sbrugna...
EUVD-2018-12172
Malware in sbrugna...
EUVD-2020-19803
Malware in sbrugna...
EUVD-2002-0695
Malware in sbrugna...
EUVD-2020-8121
Malware in sbrugna...
EUVD-2010-4768
Malware in sbrugna...
EUVD-2022-52222
Malicious code in bioql PyPI...
EUVD-2025-22706
Malicious code in bioql PyPI...