16 matches found
EUVD-2023-50582
Malicious code in bioql PyPI...
Amazon Linux 2 : perl-Crypt-OpenSSL-RSA (ALAS-2025-2942)
The version of perl-Crypt-OpenSSL-RSA installed on the remote host is prior to 0.28-7. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2942 advisory. A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover...
CVE-2023-46362
jbig2enc v0.28 was discovered to contain a heap-use-after-free via jbig2encautothresholdusinghash in src/jbig2enc.cc...
DEBIAN-CVE-2023-46362
jbig2enc v0.28 was discovered to contain a heap-use-after-free via jbig2encautothresholdusinghash in src/jbig2enc.cc...
CVE-2023-46362
jbig2enc v0.28 was discovered to contain a heap-use-after-free via jbig2encautothresholdusinghash in src/jbig2enc.cc...
CVE-2023-46363
jbig2enc v0.28 was discovered to contain a SEGV via jbig2addpage in src/jbig2enc.cc:512...
jbig2enc Security Vulnerabilities
jbig2enc is an encoder for JBIG2. A security vulnerability exists in jbig2enc version v0.28, which stems from a use-after-free vulnerability in the function jbig2encautothresholdusinghash...
jbig2enc Security Vulnerabilities
jbig2enc is an encoder for JBIG2. A security vulnerability exists in jbig2enc version v0.28, which stems from a segmentation fault (SEGV) in the function jbig2addpage. An attacker could exploit this vulnerability to cause a denial of service (DoS)...
com.cloudbees.jenkins.plugins:custom-tools-plugin (>=0.4 <=0.6) potentially affected by CVE-2022-27205 via org.jenkins-ci.plugins:extended-choice-parameter (=0.28)
org.jenkins-ci.plugins:extended-choice-parameter MAVEN version =0.28 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:extended-choice-parameter and may be impacted: - com.cloudbees.jenkins.plugins:custom-tools-plugin =0.4, =0.6...
CloudBees Jenkins XXE Vulnerability (CNVD-2020-50958)
CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the United States company CloudBees. The product is mainly used to monitor continuous software release/testing projects and the execution of scheduled tasks. An XXE vulnerability exists in...
CloudBees Jenkins XSS Vulnerability
CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from CloudBees, Inc. The product is mainly used to monitor continuous software release/test projects and the execution of scheduled tasks. LTS is a long-term support for CloudBees Jenkins version...
PT-2020-15466 · Jenkins · Jenkins Valgrind Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Valgrind Plugin versions 0.28 and earlier. Description: The issue concerns the configuration of the XML parser in the Jenkins Valgrind Plugin, which does not prevent XML external entity (XXE) attacks. This allows a user who can control t...
PT-2020-15468 · Jenkins · Jenkins Valgrind Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Valgrind Plugin versions 0.28 and earlier. Description: The issue is related to a stored cross-site scripting (XSS) vulnerability. It occurs because the plugin does not properly escape content in Valgrind XML reports. This allows attacke...
CVE-2010-4970
SQL injection vulnerability in handlers/getpage.php in Wiki Web Help 0.28 allows remote attackers to execute arbitrary SQL commands via the id parameter...
Wiki Web Help 0.28 SQL Injection
Version: v0.28 Possible all versions Vendor: Richard Bondi - http://wikiwebhelp.org Download: http://wikiwebhelp.org/release/wwh-0.2.8.zip Description: "The goal of this project is to create a help application that is editable by the community. Standard wiki systems are great for many application...
[SECURITY] New version of mtr released
Package: mtr. Vulnerability type: possible local exploit. Debian-specific: no. The version of mtr as distributed in Debian GNU/Linux 2.1 aka slink did not drop root privileges correctly. While there are no known exploits it is conceivable that a weakness in gtk or ncurses could be used to exploit...