98 matches found
p11-kit: NULL dereference via C_DeriveKey with specific NULL parameters
A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...
com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), io.jenkins.blueocean:blueocean (>=1.27.17 <=1.27.25) +8 more potentially affected by CVE-2026-42524 via org.jenkins-ci.plugins:htmlpublisher (>=1.0 <=1.6)
org.jenkins-ci.plugins:htmlpublisher MAVEN version =1.0, =1.9.2-beta, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.0.0, =1.0.18 Source cves: CVE-2026-42524 Source advisory: OSV:GHSA-F8H4-46XV-H7JJ...
EUVD-2026-16336
A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...
ALPINE-CVE-2026-2100
A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...
CVE-2026-2100
A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...
CVE-2026-2100
A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...
CVE-2026-2100 P11-kit: null dereference via c_derivekey with specific null parameters
A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...
Malicious Package
Overview hemi-btc-staking-actions is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
CVE-2025-14554 Sell BTC - Cryptocurrency Selling Calculator <= 1.5 - Unauthenticated Stored Cross-Site Scripting via 'orderform_data' AJAX Action
The Sell BTC - Cryptocurrency Selling Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'orderformdata' AJAX action in all versions up to, and including, 1.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVE-2025-14554
The Sell BTC - Cryptocurrency Selling Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'orderformdata' AJAX action in all versions up to, and including, 1.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
PT-2026-5543
Name of the Vulnerable Software and Affected Versions Sell BTC - Cryptocurrency Selling Calculator plugin for WordPress versions prior to 1.5. Description The Sell BTC - Cryptocurrency Selling Calculator plugin for WordPress is susceptible to Stored Cross-Site Scripting through the orderform data...
WordPress plugin “Sell BTC – Cryptocurrency Selling Calculator” has a cross-site scripting vulnerability.
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
Malicious code in hemi-btc-staking-actions (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b19073a10f9ea03f132e59a88b1c0a694120c696aa0be4824281160c7bfffb56 The package hemi-btc-staking-actions was found to contain malicious code. Source: ghsa-malware...
EUVD-2026-4516
Malicious code in hemi-btc-staking-actions npm...
MAL-2026-496 Malicious code in hemi-btc-staking-actions (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b19073a10f9ea03f132e59a88b1c0a694120c696aa0be4824281160c7bfffb56 The package hemi-btc-staking-actions was found to contain malicious code. Source: ghsa-malware...
atomkraft (>=0.0.1 <=0.1.2), bitcoin-utils (>=0.6.1 <=0.7.1) +14 more potentially affected by CVE-2025-69277 via hdwallet (>=0.2.0 <=3.4.0)
hdwallet PYPI version =0.2.0, =0.0.1, =0.6.1, =1.3.6, =0.1.5, =0.1.4, =0.1.6, =0.1.0, =0.1.0, =0.0.2, =0.2.3, =0.1.0, =5.1.0, =0.3.0, =0.5.0a1 and more Source cves: CVE-2025-69277 Source advisory: OSV:GHSA-MRFV-M5WM-5W6W...
Malicious Package
Overview btc-transaction-helper is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...
MAL-2025-191556 Malicious code in btc-transaction-helper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 291d3fea363888c43824aaaa26f2eb389674822baacb18e5ff7498c9cfc74dee The package btc-transaction-helper was found to contain malicious code. Source: ghsa-malware...
EUVD-2018-5491
Malware in sbrugna...
EUVD-2023-51002
Malicious code in bioql PyPI...