CVE-2025-9317
Summary: CVE-2025-9317 affects AVEVA Edge components used in AVEVA Edge, Edge Project files, and Edge Offline Cache, with later Red Hat/NVD references corroborating the same vulnerability. The underlying issue is the use of weak cryptographic hashes (MD5) to protect passwords, enabling a local at...
CVE-2025-9317 AVEVA Edge Use of a Broken or Risky Cryptographic Algorithm
The vulnerability, if exploited, could allow a miscreant with read access to Edge Project files or Edge Offline Cache files to reverse engineer Edge users' app-native or Active Directory passwords through computational brute-forcing of weak hashes...
EUVD-2025-197663
The vulnerability, if exploited, could allow a miscreant with read access to Edge Project files or Edge Offline Cache files to reverse engineer Edge users' app-native or Active Directory passwords through computational brute-forcing of weak hashes...
WordPress WP Project Manager plugin <= 2.6.26 - Authenticated (Subscriber+) SQL Injection via 'completed_at_operator' vulnerability
Authenticated (Subscriber+) SQL Injection via 'completed_at_operator' vulnerability discovered by mikemyers in WordPress Plugin WP Project Manager (versions <= 2.6.26)...
Threat Landscape of the Building and Construction Sector Part Two: Ransomware
In this second installment of our two-part series on the construction industry, Rapid7 is looking at the specific threat ransomware poses, why the industry is particularly vulnerable, and ways in which threat actors exploit its weaknesses to great effect. You can catch up on the first part here:...
CVE-2025-64726 External Control of System or Configuration Setting and Uncontrolled Search Path Element in sfw
Socket Firewall is an HTTP/HTTPS proxy server that intercepts package manager requests and enforces security policies by blocking dangerous packages. Socket Firewall binary versions separate from installers prior to 0.15.5 are vulnerable to arbitrary code execution when run in untrusted project...
CVE-2025-64726
Socket Firewall (sfw) is affected for binary versions prior to 0.15.5. The vulnerability allows arbitrary code execution when run in an untrusted project directory by placing a malicious .sfw.config; loading the file populates environment variables into the Node.js process, enabling an attacker t...
1 million victims, 17,500 fake sites: Google takes on toll-fee scammers
A Phishing-as-a-Service (PhaaS) platform based in China, known as “Lighthouse,” is the subject of a new Google lawsuit. Lighthouse enables smishing (SMS phishing) campaigns, and if you’re in the US there is a good chance you've seen their texts about a small amount you supposedly owe in toll fees...
EUVD-2025-177546
Malicious code in nodemon-slides-frontend-tethys (npm)...
EUVD-2025-179067
Malicious code in eris-framework-lacerta-biomimicry (npm)...
EUVD-2025-177862
Malicious code in meteor-deneb-phoebe-paleoanthropology (npm)...
EUVD-2025-177492
Malicious code in octans-non-blocking-repository-cosmiconfig (npm)...
MAL-2025-185557 Malicious code in ariel-backend-css-loader-aldebaran (npm)
Source: amazon-inspector 8985f6f4b26a752bfd23a32fbbf39c2aab5c6b48f599eb0f46f6398a6833b115 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-186852 Malicious code in eslint-tardigrade-gammarayburst-cryonics (npm)
Source: amazon-inspector 6f6ba0986e5b3fa90399d98555fce56050736ff52b31ceb2a66250e086fda217 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
MAL-2025-185469 Malicious code in antares-luminescence-phoebe-higgs (npm)
Source: amazon-inspector 9250c08aab5a952d64b8b3d1497c203806cf0a3da77a0aa075aaeece4362bd64 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
PT-2025-46773
Name of the Vulnerable Software and Affected Versions: Bitplatform Boilerplate versions prior to 9.11.3. Description: Bitplatform Boilerplate, a Visual Studio and .NET project template, contains a cross-site scripting (XSS) issue within the WebInteropApp/WebAppInterop component. This could allow...
CVE-2011-10034
CVE-2011-10034 affects IRAI AUTOMGEN up to version 8.0.0.7 (also 8.022). The issue is a use-after-free in project file handling: freeing an object then dereferencing a stale pointer when processing certain malformed fields. This dangling-pointer scenario enables an attacker to influence an indire...
CVE-2011-10034 IRAI AUTOMGEN <= 8.0.0.7 Use-After-Free Remote DoS
AUTOMGEN versions up to and including 8.0.0.7 (also referenced as 8.022) contain a vulnerability in that project file handling frees an object and subsequently dereferences the stale pointer when processing certain malformed fields. The dangling-pointer use enables an attacker to influence an...
MAL-2025-181024 Malicious code in teate-thy-sonic-urapu (npm)
Source: amazon-inspector d9380cef82872e3ccdee7e5519c2ab04e168ed707dc179e1ee4a94ae82672d4a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...