
28 matches found

OSV
added 2026/05/25 4:36 p.m. · 4 views

MAL-2026-4475 Malicious code in aes-decode-runner-pro (npm)

Source: amazon-inspector 2d889fb0fd8c7bc4564c187d81448427b737ff7fe4b78a7ffe6a23c429b83b93 On require('aes-decode-runner-pro'), the entry point index.js immediately invokes pkg.run (lines 1-3: const pkg = require("./custom-codec"); pkg.run();), whi...

5.9 AI score
Exploits 0 · References 7

OSSF Malicious Packages
added 2026/05/24 5:19 p.m. · 6 views

Malicious code in class-weaver (npm)

Source: amazon-inspector b4e45cdd0a93db2db56ae7fd2c348305a5ce7aeab9c6fb4b2331c2a547b2c5e7 class-weaver advertises itself as a className/theme utility keywords clsx, utils, styling; exports named classNames and twMerge mimicking...

5.9 AI score
Exploits 0 · References 1

OSV
added 2026/05/24 5:15 p.m. · 5 views

MAL-2026-4706 Malicious code in vite-plugin-css-blend (npm)

Source: amazon-inspector 7a47fa75fbd028d1aca89ca790036f760c76d8e486175505ef4a8f59f33e7c76 The package is published as a Vite CSS plugin but exposes no Vite plugin API. Its documented applyGlobalStyles(palette, accents) export, when called on...

6 AI score
Exploits 0 · References 1

OSV
added 2026/05/21 2:37 a.m. · 3 views

MAL-2026-4549 Malicious code in dot-utils-plus (npm)

Source: amazon-inspector 3091b9bb8cbf714d9391a59f7303a3748e183bbdf0fba2264b7496a2072e717f On every import, dist/index.js base64-decodes a hardcoded AES-256-CBC ciphertext, derives a key from environment variable VITEDOTUTILSAESSECRET,...

6 AI score
Exploits 0 · References 3

Positive Technologies
added 2026/04/25 12:0 a.m. · 2 views

PT-2026-35157

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mg_aes_gcm_decrypt of the file /src/tls_aes128.c of the component GCM Authentication Tag Handler. Such manipulation leads to improper verification of cryptographic signature. The attack may ...

6.3 CVSS · 4.5 AI score · 0.00007 EPSS
Exploits 1 · References 6

Github Security Blog
added 2025/10/31 9:30 a.m. · 6 views

cryptidy allows code execution via untrusted data due to pickle.loads

cryptidy through 1.2.4 allows code execution via untrusted data because pickle.loads is used. This occurs in aes_decrypt_message in symmetric_encryption.py...

8.8 CVSS · 7.7 AI score · 0.00075 EPSS
Exploits 1 · References 4 · Affected Software 1

CVE
added 2025/10/31 12:0 a.m. · 8 views

CVE-2025-63675

The vulnerability CVE-2025-63675 affects cryptidy up to version 1.2.4. The root cause is deserialization of untrusted data via pickle.loads in aes_decrypt_message within cryptidy/symmetric_encryption.py, enabling code execution. Multiple sources (Red Hat, OSV, GHSA, Snyk, CVE records) corroborate...

8.8 CVSS · 7.3 AI score · 0.00075 EPSS
Exploits 1 · References 2 · Affected Software 1

RedhatCVE
added 2025/05/22 6:29 p.m. · 3 views

CVE-2021-29446

jose-node-cjs-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed...

5.9 CVSS · 6.8 AI score · 0.00394 EPSS
Exploits 0 · References 1

RedhatCVE
added 2025/05/21 4:39 p.m. · 12 views

CVE-2025-4876

ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk Assessment allows an attacker to extract a hardcoded AES decryption key via reverse engineering. This key is embedded in plaintext within the binary and used in cryptographic operations without dynamic key management. Once obtained t...

6 CVSS · 6.7 AI score · 0.00047 EPSS
Exploits 1

NVD
added 2025/05/19 4:15 p.m. · 10 views

CVE-2025-4876

ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk Assessment allows an attacker to extract a hardcoded AES decryption key via reverse engineering. This key is embedded in plaintext within the binary and used in cryptographic operations without dynamic key management. Once obtained t...

6 CVSS · 0.00047 EPSS
Exploits 1 · References 1

CVE
added 2025/05/19 4:4 p.m. · 31 views

CVE-2025-4876

The CVE-2025-4876 issue affects ConnectWise Risk Assessment’s ConnectWise-Password-Encryption-Utility.exe. Root cause: hardcoded AES decryption key embedded in plaintext in the binary, with no dynamic key management. Impact: an attacker with reverse-engineering capability could obtain the key and...

6 CVSS · 5.9 AI score · 0.00047 EPSS
Exploits 1 · References 1 · Affected Software 1

Positive Technologies
added 2025/05/19 12:0 a.m. · 2 views

PT-2025-22018 · Connectwise · Connectwise Risk Assessment

Name of the Vulnerable Software and Affected Versions: ConnectWise Risk Assessment (affected versions not specified). Description: The issue allows an attacker to extract a hardcoded AES decryption key via reverse engineering from the ConnectWise-Password-Encryption-Utility.exe in ConnectWise Risk...

6 CVSS · 5.9 AI score · 0.00047 EPSS
Exploits 1 · References 5

CVE
added 2025/02/06 7:10 p.m. · 52 views

CVE-2024-47256

CVE-2024-47256 affects 2N Access Commander prior to version 3.3 (notably 1.14 and older). The issue allows an attacker with Admin privileges to read a hardcoded AES passphrase used to decrypt data in certain backup files, enabling potential exposure of backup contents. 2N released version 3.3 to ...

6 CVSS · 6.2 AI score · 0.00029 EPSS
Exploits 0 · References 1

Packet Storm
added 2024/04/01 12:0 a.m. · 2246 views

BioTime Directory Traversal / Remote Code Execution

Tested on 8.5.5 Build:20231103.R1905 Tested on 9.0.1 Build:20240108.18753 BioTime, "time" for shellz! https://claroty.com/team82/disclosure-dashboard/cve-2023-38952...

9.8 CVSS · 7.4 AI score · 0.834 EPSS
Exploits 3

Vulnrichment
added 2023/10/19 9:36 a.m. · 5 views

CVE-2022-25332 SK_LOAD timing side channel during AES module decryption in Texas Instruments OMAP L138

The AES implementation in the Texas Instruments OMAP L138 secure variants, present in mask ROM, suffers from a timing side channel which can be exploited by an adversary with non-secure supervisor privileges by managing cache contents and collecting timing information for different ciphertext...

4.4 CVSS · 4.4 AI score · 0.0005 EPSS
Exploits 0 · References 1

Kitploit
added 2021/07/14 12:30 p.m. · 47 views

Injector - Complete Arsenal Of Memory Injection And Other Techniques For Red-Teaming In Windows

Complete Arsenal of Memory injection and other techniques for red-teaming in Windows What does Injector do? Process injection support for shellcode located at remote server as well as local storage. Just specify the shellcode file and it will do the rest. It will by default inject into notepad.ex...

8.5 AI score
Exploits 0 · References 1

Tenable Nessus
added 2015/06/11 12:0 a.m. · 68 views

Ubuntu 12.04 LTS : linux vulnerabilities (USN-2631-1)

Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service (host crash). (CVE-2015-2150) A privilege escalation was discovered in the fork syscall via t...

9.3 CVSS · 7.5 AI score · 0.0411 EPSS
Exploits 6 · References 6

OpenVAS
added 2015/06/09 12:0 a.m. · 48 views

Ubuntu: Security Advisory (USN-2613-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...

9.3 CVSS · 6.1 AI score · 0.0411 EPSS
Exploits 0 · References 2

Tenable Nessus
added 2015/05/21 12:0 a.m. · 57 views

Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2614-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2614-1 advisory. Vincent Tondellier discovered an integer overflow in the Linux kernel's netfilter connection tracking accounting of loaded extensions. An attacker on the...

9.3 CVSS · 7 AI score · 0.0411 EPSS
Exploits 0 · References 5

Tenable Nessus
added 2015/05/21 12:0 a.m. · 48 views

Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2613-1)

Vincent Tondellier discovered an integer overflow in the Linux kernel's netfilter connection tracking accounting of loaded extensions. An attacker on the local area network (LAN) could potentially exploit this flaw to cause a denial of service (system crash of targeted system). (CVE-2014-9715) Jan Beulic...

9.3 CVSS · 7.1 AI score · 0.0411 EPSS
Exploits 0 · References 5