96 matches found
p11-kit: NULL dereference via C_DeriveKey with specific NULL parameters
A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...
com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), io.jenkins.blueocean:blueocean (>=1.27.17 <=1.27.25) +8 more potentially affected by CVE-2026-42524 via org.jenkins-ci.plugins:htmlpublisher (>=1.0 <=1.6)
org.jenkins-ci.plugins:htmlpublisher MAVEN version =1.0, =1.9.2-beta, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.0.0, =1.0.18 Source cves: CVE-2026-42524 Source advisory: OSV:GHSA-F8H4-46XV-H7JJ...
EUVD-2026-16336
A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...
CVE-2026-2100
A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...
CVE-2026-2100 P11-kit: null dereference via c_derivekey with specific null parameters
A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...
CVE-2026-2100
A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the CDeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potential...
Malicious Package
Overview hemi-btc-staking-actions is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...
CVE-2025-14554 Sell BTC - Cryptocurrency Selling Calculator <= 1.5 - Unauthenticated Stored Cross-Site Scripting via 'orderform_data' AJAX Action
The Sell BTC - Cryptocurrency Selling Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'orderformdata' AJAX action in all versions up to, and including, 1.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVE-2025-14554
The Sell BTC - Cryptocurrency Selling Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'orderformdata' AJAX action in all versions up to, and including, 1.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
WordPress plugin “Sell BTC – Cryptocurrency Selling Calculator” has a cross-site scripting vulnerability.
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-5543
Name of the Vulnerable Software and Affected Versions Sell BTC - Cryptocurrency Selling Calculator plugin for WordPress versions prior to 1.5. Description The Sell BTC - Cryptocurrency Selling Calculator plugin for WordPress is susceptible to Stored Cross-Site Scripting through the orderform data...
EUVD-2026-4516
Malicious code in hemi-btc-staking-actions npm...
Malicious code in hemi-btc-staking-actions (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b19073a10f9ea03f132e59a88b1c0a694120c696aa0be4824281160c7bfffb56 The package hemi-btc-staking-actions was found to contain malicious code. Source: ghsa-malware...
MAL-2026-496 Malicious code in hemi-btc-staking-actions (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b19073a10f9ea03f132e59a88b1c0a694120c696aa0be4824281160c7bfffb56 The package hemi-btc-staking-actions was found to contain malicious code. Source: ghsa-malware...
atomkraft (>=0.0.1 <=0.1.2), bitcoin-utils (>=0.6.1 <=0.7.1) +14 more potentially affected by CVE-2025-69277 via hdwallet (>=0.2.0 <=3.4.0)
hdwallet PYPI version =0.2.0, =0.0.1, =0.6.1, =1.3.6, =0.1.5, =0.1.4, =0.1.6, =0.1.0, =0.1.0, =0.0.2, =0.2.3, =0.1.0, =5.1.0, =0.3.0, =0.5.0a1 and more Source cves: CVE-2025-69277 Source advisory: OSV:GHSA-MRFV-M5WM-5W6W...
MAL-2025-191556 Malicious code in btc-transaction-helper (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 291d3fea363888c43824aaaa26f2eb389674822baacb18e5ff7498c9cfc74dee The package btc-transaction-helper was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview btc-transaction-helper is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packag...
EUVD-2018-5491
Malware in sbrugna...
EUVD-2023-51002
Malicious code in bioql PyPI...
com.btc.ep:btc-embeddedplatform (>=1.9.2-beta <=2.5.9), io.jenkins.blueocean:blueocean (>=1.27.17 <=1.27.25) +8 more potentially affected by CVE-2025-53651 via org.jenkins-ci.plugins:htmlpublisher (>=1.0 <=1.6)
org.jenkins-ci.plugins:htmlpublisher MAVEN version =1.0, =1.9.2-beta, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.27.17, =1.0.0, =1.0.18 Source cves: CVE-2025-53651 Source advisory: OSV:GHSA-367V-5PPJ-2HRX...