EUVD-2022-41754

Malicious code in bioql PyPI...

EUVD-2024-43058

Malicious code in bioql PyPI...

EUVD-2023-41180

Malicious code in bioql PyPI...

EUVD-2024-29335

Malicious code in bioql PyPI...

EUVD-2023-42474

Malicious code in bioql PyPI...

CVE-2023-37262

CC: Tweaked is a mod for Minecraft which adds programmable computers, turtles, and more to the game. Prior to versions 1.20.1-1.106.0, 1.19.4-1.106.0, 1.19.2-1.101.3, 1.18.2-1.101.3, and 1.16.5-1.101.3, if the cc-tweaked plugin is running on a Minecraft server hosted on a popular cloud hosting...

CVE-2024-48645

In Minecraft mod "Command Block IDE" up to and including version 0.4.9, a missing authorization CWE-862 allows any user to modify "function" files used by the game when installed on a dedicated server...

CVE-2024-48645

In Minecraft mod "Command Block IDE" up to and including version 0.4.9, a missing authorization CWE-862 allows any user to modify "function" files used by the game when installed on a dedicated server...

CVE-2024-41564

EMI v.1.1.10 and before, fixed in v.1.1.11, contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index and decrement stack count in EMI mod for Minecraft, which allows in-game item duplication...

Roughly Enough Items 安全漏洞

Roughly Enough Items is a Mod for viewing items and recipes for Minecraft 1.13 - 1.18 by the individual developer shedaniel. A security vulnerability exists in Roughly Enough Items version v.16.0.729 and prior versions, which stems from a failure to validate slot indexes and reduce stack counts i...

PT-2024-29445 · Emi · Emi

Name of the Vulnerable Software and Affected Versions: EMI versions 1.1.10 and before Description: The issue is related to an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. Specifically, it is a failure to validate slot index and decrement stack count in the E...

CVE-2024-43395 CraftOS-PC 2's improperly sanitizied paths cause filesystem escape (Windows)

CraftOS-PC 2 is a rewrite of the desktop port of CraftOS from the popular Minecraft mod ComputerCraft using C++ and a modified version of PUC Lua, as well as SDL for drawing. Prior to version 2.8.3, users of CraftOS-PC 2 on Windows can escape the computer folder and access files anywhere without...

CVE-2024-31446

OpenComputers is a Minecraft mod that adds programmable computers and robots to the game. A user can use OpenComputers to get a Computer thread stuck in the Lua VM, which eventually blocks the Server thread, requiring the server to be forcibly shut down. This can be accomplished using any device ...

CVE-2024-31446 OpenComputers Denial of Service using xpcall

OpenComputers is a Minecraft mod that adds programmable computers and robots to the game. A user can use OpenComputers to get a Computer thread stuck in the Lua VM, which eventually blocks the Server thread, requiring the server to be forcibly shut down. This can be accomplished using any device ...

CVE-2024-31446

OpenComputers vulnerable prior to version 1.8.4 (and GregTech: New Horizons pre-patch 1.10.10-GTNH). A user can cause a Computer thread to hang in the Lua VM via xpcall, which can eventually block the Server thread and require a server restart. LuaJ is reported not to have this issue. The vulnera...

CVE-2023-38689 Deserialization of Untrusted Data in network IO

Logistics Pipes is a modification a.k.a. mod for the computer game Minecraft Java Edition. The mod used Java's ObjectInputStreamreadObject on untrusted data coming from clients or servers over the network resulting in possible remote code execution when sending specifically crafted network packet...

Default credentials

CC: Tweaked is a mod for Minecraft which adds programmable computers, turtles, and more to the game. Prior to versions 1.20.1-1.106.0, 1.19.4-1.106.0, 1.19.2-1.101.3, 1.18.2-1.101.3, and 1.16.5-1.101.3, if the cc-tweaked plugin is running on a Minecraft server hosted on a popular cloud hosting...

CVE-2023-37261 OpenComputers's SSRF to cloud service metadata services and local IPv6 addresses not blocked by default

OpenComputers is a Minecraft mod that adds programmable computers and robots to the game. This issue affects every version of OpenComputers with the Internet Card feature enabled; that is, OpenComputers 1.2.0 until 1.8.3 in their most common, default configurations. If the OpenComputers mod is...

CVE-2021-43819

Stargate-Bukkit is a mod for the minecraft video game which adds a portal focused environment. In affected versions Minecarts with chests will drop their items when teleporting through a portal; when they reappear, they will still have their items impacting the integrity of the game world. The...

CVE-2021-43819 Stargate-Bukkit improperly handles vehicles causing data duplication.

Stargate-Bukkit is a mod for the minecraft video game which adds a portal focused environment. In affected versions Minecarts with chests will drop their items when teleporting through a portal; when they reappear, they will still have their items impacting the integrity of the game world. The...