CVE-2026-40069 bsv-sdk ARC broadcaster treats INVALID/MALFORMED/ORPHAN responses as successful broadcasts

BSV Ruby SDK is the Ruby SDK for the BSV blockchain. From 0.1.0 to before 0.8.2, BSV::Network::ARC's failure detection only recognises REJECTED and DOUBLESPENDATTEMPTED. ARC responses with txStatus values of INVALID, MALFORMED, MINEDINSTALEBLOCK, or any ORPHAN-containing extraInfo / txStatus are...

CVE-2026-40069

The vulnerability affects the BSV Ruby SDK (gem) prior to version 0.8.2, specifically BSV::Network::ARC failure detection. From 0.1.0 to 0.8.1, ARC only recognizes REJECTED and DOUBLE_SPEND_ATTEMPTED; responses with txStatus values INVALID, MALFORMED, MINED_IN_STALE_BLOCK, or any ORPHAN-containin...

CVE-2026-40069 bsv-sdk ARC broadcaster treats INVALID/MALFORMED/ORPHAN responses as successful broadcasts

BSV Ruby SDK is the Ruby SDK for the BSV blockchain. From 0.1.0 to before 0.8.2, BSV::Network::ARC's failure detection only recognises REJECTED and DOUBLESPENDATTEMPTED. ARC responses with txStatus values of INVALID, MALFORMED, MINEDINSTALEBLOCK, or any ORPHAN-containing extraInfo / txStatus are...

bsv-sdk ARC broadcaster treats INVALID/MALFORMED/ORPHAN responses as successful broadcasts

ARC broadcaster treats failure statuses as successful broadcasts Summary BSV::Network::ARC's failure detection only recognises REJECTED and DOUBLESPENDATTEMPTED. ARC responses with txStatus values of INVALID, MALFORMED, MINEDINSTALEBLOCK, or any ORPHAN-containing extraInfo / txStatus are silently...

DB Elettronica Screen SFT DAB 安全漏洞

DB Elettronica Screen SFT DAB is a series of digital audio broadcast transmitters from DB Elettronica, Italy. A security vulnerability exists in DB Elettronica Screen SFT DAB version 1.9.3, which originates from an authentication bypass in the userManager.cgx endpoint, which could lead to passwor...

EUVD-2008-0199

Malware in sbrugna...

EUVD-2022-39566

Malicious code in bioql PyPI...

EUVD-2025-0159

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2020-12416

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A VideoStreamEncoder may have been freed in a race condition with VideoBroadcaster::AddOrUpdateSink, resulting in a use-after-free, memory corruption, and a...

CVE-2022-36866

Improper access control vulnerability in Broadcaster in Group Sharing prior to versions 13.0.6.15 in Android S12, 13.0.6.14 in Android R11 and below allows attackers to identify the device...

Cache confusion in Jenkins Eiffel Broadcaster Plugin

The Jenkins Eiffel Broadcaster Plugin allows events published to RabbitMQ to be signed using certificate credentials. To improve performance, the plugin caches some data from the credential. Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 both inclusive uses the credential ID as the cache key. Thi...

GHSA-FPW7-8GJC-JWQJ Cache confusion in Jenkins Eiffel Broadcaster Plugin

The Jenkins Eiffel Broadcaster Plugin allows events published to RabbitMQ to be signed using certificate credentials. To improve performance, the plugin caches some data from the credential. Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 both inclusive uses the credential ID as the cache key. Thi...

CVE-2025-24400

Jenkins Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 both inclusive uses the credential ID as the cache key during signing operations, allowing attackers able to create a credential with the same ID as a legitimate one in a different credentials store to sign an event published to RabbitMQ with...

CVE-2025-24400

Jenkins Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 both inclusive uses the credential ID as the cache key during signing operations, allowing attackers able to create a credential with the same ID as a legitimate one in a different credentials store to sign an event published to RabbitMQ with...

CVE-2025-24400

Jenkins Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 both inclusive uses the credential ID as the cache key during signing operations, allowing attackers able to create a credential with the same ID as a legitimate one in a different credentials store to sign an event published to RabbitMQ with...

CVE-2025-24400

Jenkins Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 both inclusive uses the credential ID as the cache key during signing operations, allowing attackers able to create a credential with the same ID as a legitimate one in a different credentials store to sign an event published to RabbitMQ with...

CVE-2025-24400

CVE-2025-24400 affects the Jenkins Eiffel Broadcaster Plugin (versions 2.8.0–2.10.2). The vulnerability arises because the plugin uses the credential ID as the cache key during signing operations, allowing an attacker who can create a credential with the same ID in a different credentials store t...

PT-2025-5358 · Jenkins · Jenkins Eiffel Broadcaster Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Eiffel Broadcaster Plugin versions 2.8.0 through 2.10.2 Description: The issue allows attackers to create a credential with the same ID as a legitimate one in a different credentials store, enabling them to sign an event published to...

Jenkins plugin Eiffel Broadcaster 安全漏洞

Jenkins and Jenkins plugin are both Jenkins open source products.Jenkins is an application software. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins plugin is an application software plugin. A security...

PT-2025-2206 · Obsproject · Obs Studio

Name of the Vulnerable Software and Affected Versions: obsproject OBS Studio versions up to 30.0.2 Description: A vulnerability has been found in obsproject OBS Studio, affecting an unknown functionality. The manipulation leads to an untrusted search path. The attack needs to be approached locall...