Malicious code in class-blend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3876854a76bda6892f76b9b44c67e066bfc6315a7e3d27431137727ff0ee728 The package advertises itself as a clsx/twMerge-style class-name merging utility, but the exported applyGlobalStylespalette, accents function contain...

MAL-2026-4576 Malicious code in hardhat-gas-analytics (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 71b0b8dd866d9c1f4516f4e537a2d61ea3cbe87f06b0195a24c0dea76fef44c0 This package typosquats the widely-used hardhat-gas-reporter Hardhat plugin matching its cache filename .hardhatgasreporteroutput.json and replicatin...

Sercomm SCE4255W 安全漏洞

Sercomm SCE4255W is a broadband gateway device produced by Sercomm in Taiwan, China. Previous versions of Sercomm SCE4255W DG3934v3@2308041842 contained security vulnerabilities. These vulnerabilities stemmed from the use of hard-coded AES-256-CBC keys in the configuration backup/restore mechanis...

CVE-2025-67112

The CVE-2025-67112 entry concerns the Small Cell Sercomm SCE4255W (FreedomFi Englewood) firmware prior to DG3934v3@2308041842, where a hard-coded AES-256-CBC key in the configuration backup/restore flow allows remote authenticated users to decrypt, modify, and re-encrypt device configurations. Th...

Security Bulletin: IBM WebSphere Application Server, which is bundled with IBM Enterprise Application Runtimes, is affected by a vulnerability that could provide weaker than expected security (CVE-2025-13333)

Summary IBM WebSphere Application Server, which is bundled with IBM Enterprise Application Runtimes, is affected by a vulnerability that could provide weaker than expected security when enabling AES-256 password encryption. Vulnerability Details Refer to the security bulletins listed in the...

[SECURITY] Fedora 43 Update: 7zip-25.01-1.fc43

7-Zip is a file archiver with a high compression ratio. The main features of 7-Zip are: High compression ratio in 7z format with LZMA and LZMA2 compression Supported formats: Packing / unpacking: 7z, XZ, BZIP2, GZIP, TAR, ZIP and WIM Unpacking only: AR, ARJ, CAB, CHM, CPIO, CramFS, DMG, EXT, FAT,...

EUVD-2020-4212

Malware in sbrugna...

EUVD-2015-4106

Malware in sbrugna...

EUVD-2014-2357

Malware in sbrugna...

EUVD-2019-6680

Malware in sbrugna...

EUVD-2009-3262

Malware in sbrugna...

EUVD-2024-41456

Malicious code in bioql PyPI...

EUVD-2023-3110

Malicious code in bioql PyPI...

EUVD-2024-42276

Malicious code in bioql PyPI...

EUVD-2024-41625

Malicious code in bioql PyPI...

EUVD-2022-40324

Malicious code in bioql PyPI...

CVE-2025-34234

Summary: CVE-2025-34234 affects Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to 25.1.102 and Application prior to 25.1.1413. Two hardcoded private keys are shipped inside application containers (printerlogic/pi, printerlogic/printer-admin-api, printercloud/pi) and stored in p...

Securing Open RAN: a Survey of Cryptographic Challenges and Emerging Solutions for 5G

The advent of Open Radio Access Networks O-RAN introduces modularity and flexibility into 5G deployments but also surfaces novel security challenges across disaggregated interfaces. This literature review synthesizes recent research across thirteen academic and industry sources, examining...

CVE-2024-47124

The goTenna Pro App does not encrypt callsigns in messages. It is recommended to not use sensitive information in callsigns when using this and previous versions of the app and update your app to the current app version which uses AES-256 encryption for callsigns in encrypted operation...

CVE-2023-26154

Versions of the package pubnub before 7.4.0; all versions of the package com.pubnub:pubnub; versions of the package pubnub before 6.19.0; all versions of the package github.com/pubnub/go; versions of the package github.com/pubnub/go/v7 before 7.2.0; versions of the package pubnub before 7.3.0;...