637 matches found
*ring* is unmaintained
The author has announced an indefinite hiatus in its development, noting that any reported security vulnerabilities may go unaddressed for prolonged periods of time. Update: security maintenance only After this advisory was published, the author graciously agreed to give access to the rustls team...
CVE-2024-11999
CWE-1104: Use of Unmaintained Third-Party Components vulnerability exists that could cause complete control of the device when an authenticated user installs malicious code into HMI product...
PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages
The maintainers of the Python Package Index PyPI registry have announced a new feature that allows package developers to archive a project as part of efforts to improve supply chain security. "Maintainers can now archive a project to let users know that the project is not expected to receive any...
BIT-NODE-2025-23087
Rejected reason: This Record was REJECTED after determining it is not in compliance with CVE Program requirements regarding assignment for vulnerabilities...
BIT-NODE-MIN-2025-23087
Rejected reason: This Record was REJECTED after determining it is not in compliance with CVE Program requirements regarding assignment for vulnerabilities...
BIT-NODE-2025-23089
Rejected reason: This Record was REJECTED after determining it is not in compliance with CVE Program requirements regarding assignment for vulnerabilities...
CVE-2025-23089
A flaw was found in Node.js. This vulnerability allows potential exposure to unaddressed software vulnerabilities via the continued use of End-of-Life EOL versions that no longer receive security updates or patches. Mitigation Mitigation for this issue is either not available or the currently...
CVE-2025-23088
A flaw was found in Node.js. This vulnerability allows potential exposure to unaddressed software vulnerabilities via the continued use of End-of-Life EOL versions that no longer receive security updates or patches. Mitigation Mitigation for this issue is either not available or the currently...
CVE-2025-23089
...
PT-2025-4818 · Node.Js · Node.Js
The affected software is Node.js, specifically all End-of-Life EOL versions that are no longer supported and do not receive updates, including security patches. These versions may expose systems to potential security risks due to unaddressed software issues or dependencies, such as the use of...
PT-2025-4817 · Node.Js · Node.Js
The issue affects Node.js, specifically all end-of-life versions up to v17.9.1, which no longer receive support or updates, including security patches. This can expose systems to potential security risks due to unaddressed software vulnerabilities or dependencies. The vulnerable versions of Node....
RUSTSEC-2025-0040 `root` appended to group listings
Affected versions append root to group listings, unless the correct listing has exactly 1024 groups. This affects both: - The supplementary groups of a user - The group access list of the current process If the caller uses this information for access control, this may lead to privilege escalation...
RUSTSEC-2025-0161 libsecp256k1 is unmaintained
The maintainers recommend using k256 instead...
libsecp256k1 is unmaintained
The maintainers recommend using k256 instead...
RUSTSEC-2025-0026 registry is unmaintained
The author has archived the GitHub repository and mentions deprecation in project's README. Possible alternatives windows-registry...
registry is unmaintained
The author has archived the GitHub repository and mentions deprecation in project's README. Possible alternatives windows-registry...
CVE-2024-11999
CWE-1104: Use of Unmaintained Third-Party Components vulnerability exists that could cause complete control of the device when an authenticated user installs malicious code into HMI product...
CVE-2024-11999
CWE-1104: Use of Unmaintained Third-Party Components vulnerability exists that could cause complete control of the device when an authenticated user installs malicious code into HMI product...
PT-2024-17393 · Schneider Electric · Schneider Electric
Name of the Vulnerable Software and Affected Versions: Schneider Electric products affected versions not specified Description: A Use of Unmaintained Third-Party Components issue exists that could allow complete control of the device when an authenticated user installs malicious code into an HMI...
Schneider Electric多款产品 安全漏洞
Schneider Electric HMIST6 and others are products of Schneider Electric, France.Schneider Electric HMIST6 is a cost-effective, high-quality HMI panel.Schneider Electric HMIG3U is an advanced cassette base unit for general-purpose Schneider Electric HMIG3U is an advanced cassette base unit for...