Insufficient Granularity of Access Control
Overview: Affected versions of this package are vulnerable to Insufficient Granularity of Access Control in namespace validation for the ImageUpdater resources. An attacker can perform unauthorized image updates on applications in other namespaces by creating or modifying ImageUpdater resources,...
EUVD-2017-11041
Malware in sbrugna...
EUVD-2025-4254
Malicious code in bioql PyPI...
CVE-2025-54887
jwe is a Ruby implementation of the RFC 7516 JSON Web Encryption (JWE) standard. In versions 1.1.0 and below, authentication tags of encrypted JWEs can be brute forced, which may result in loss of confidentiality for those JWEs and provide ways to craft arbitrary JWEs. This puts users at risk becau...
CVE-2025-54887 jwe: Missing AES-GCM authentication tag validation in encrypted JWEs
jwe is a Ruby implementation of the RFC 7516 JSON Web Encryption (JWE) standard. In versions 1.1.0 and below, authentication tags of encrypted JWEs can be brute forced, which may result in loss of confidentiality for those JWEs and provide ways to craft arbitrary JWEs. This puts users at risk becau...
PT-2025-32334
Name of the Vulnerable Software and Affected Versions: jwe versions 1.1.0 and below Description: The authentication tag of encrypted JWEs can be brute forced, potentially leading to a loss of confidentiality and the ability to craft arbitrary JWEs. This allows modification of JWEs to decrypt to an...
CVE-2023-28638
Snappier is a high performance C# implementation of the Snappy compression algorithm. This is a buffer overrun vulnerability that can affect any user of Snappier 1.1.0. In this release, much of the code was rewritten to use byte references rather than pointers to pinned buffers. This change...
CVE-2025-1641
A vulnerability was found in Benner ModernaNet up to 1.1.0. It has been classified as critical. This affects an unknown part of the file...
PT-2025-7804 · Benner · Benner Modernanet
Name of the Vulnerable Software and Affected Versions: Benner ModernaNet versions 1.1.0 and earlier Description: A critical issue has been found in Benner ModernaNet, affecting an unknown part of the file...
PT-2025-7803 · Benner · Benner Modernanet
Name of the Vulnerable Software and Affected Versions: Benner ModernaNet versions up to 1.1.0 Description: A critical issue affects some unknown functionality of the file /Home/JS CarregaCombo?formName=DADOS PESSOAIS PLANO&additionalCondition=&insideParameters=&elementToReturn=DADOS PESSOAIS...
PT-2025-7806 · Benner · Benner Modernanet
Name of the Vulnerable Software and Affected Versions: Benner ModernaNet versions up to 1.1.0 Description: A vulnerability was found in the processing of the file /DadosPessoais/SG AlterarSenha, leading to cross-site request forgery. The attack may be initiated remotely. Upgrading to version 1.1....
PT-2023-20576 · Unknown · Php-Saml-Sp
Name of the Vulnerable Software and Affected Versions: php-saml-sp versions prior to 1.1.1; php-saml-sp versions 2.x prior to 2.1.1 Description: The issue allows reading arbitrary files as the webserver user due to resolving XML external entities being silently enabled via LIBXML_DTDLOAD and LIBXM...
Vulnerabilities fixed in OpenSSL
The developers of OpenSSL have fixed two vulnerabilities. The vulnerabilities allow an unauthenticated remote malicious person to cause a denial-of-service, or potentially gain access to sensitive data, including possibly private keys currently actively in use on the system. Misu...
Authentication Bypass
Overview: Affected versions of this package are vulnerable to Authentication Bypass via the Go XML parser which can cause SAML authentication bypass. This is because the XML parser doesn’t guarantee integrity in the XML round-trip (encoding/decoding XML data). Remediation: Upgrade...