Malicious code in carvus-lens (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector be2182b552b0a8359f3314078d48310cfcd57738e1934aacf00ac8775a32cfe0 carvus-lens is a screen-capture/OCR Electron-style tool whose advertised 'Ask AI', 'Translate', and 'Search' features silently route user-selected...

CVE-2026-33989 @mobilenext/mobile-mcp alllows arbitrary file write via Path Traversal in mobile screen capture tools

Mobile Next is an MCP server for mobile development and automation. Prior to version 0.0.49, the @mobilenext/mobile-mcp server contains a Path Traversal vulnerability in the mobilesavescreenshot and mobilestartscreenrecording tools. The saveTo and output parameters were passed directly to...

EUVD-2025-6368

Malicious code in bioql PyPI...

CVE-2025-2080

Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool version 3.1.2rc11 contain an exposed web management service that could allow an attacker to bypass authentication measures and gain controls over utilities within the products...

CVE-2025-2080

The CVE-2025-2080 entry covers Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool (version 3.1.2rc11). The connected sources document two concrete issues: (1) an exposed web management service that could allow an attacker to bypass authentication and gain control o...

CVE-2025-2079

Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool version 3.1.2rc11 contain a hard coded secret key. This could allow an attacker to generate valid JWT JSON Web Token sessions...

CVE-2025-2079

Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool version 3.1.2rc11 contain a hard coded secret key. This could allow an attacker to generate valid JWT JSON Web Token sessions...

Optigo Networks Visual BACnet Capture Tool和Optigo Visual Networks Capture Tool 安全漏洞

Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool are both products of Optigo Inc.Optigo Networks Visual BACnet Capture Tool is a Optigo Networks Visual BACnet Capture Tool is a tool for capturing BACnet network traffic and automatically uploading the captured dat...

Optigo Networks Visual BACnet Capture Tool和Optigo Visual Networks Capture Tool 安全漏洞

Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool are both products of Optigo, Inc.Optigo Networks Visual BACnet Capture Tool is a Optigo Networks Visual BACnet Capture Tool is a tool for capturing BACnet network traffic and automatically uploading the captured da...

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems ICS advisories on March 11, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-070-01 Schneider Electric Uni-Telway Driver ICSA-25-070-02 Optigo Networks Visual BACnet...

tcpdump: SMB data printing mishandled

tcpdump before 4.9.3 mishandles the printing of SMB data issue 2 of 2...

tcpdump: Buffer over-read in lmp_print_data_link_subobjs() function in print-lmp.c

An out-of-bounds read vulnerability was discovered in tcpdump while printing LMP packets captured in a pcap file or coming from the network. A remote attacker may abuse this flaw by sending specially crafted packets that, when printed, would trigger the flaw and crash the application...

tcpdump: Buffer over-read in bgp_attr_print() function in print-bgp.c

The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgpattrprint MPREACHNLRI...

Adobe Prelude CC 2019 Insecure Library Loading (DLL Hijacking) Vulnerability

Adobe Prelude CC 2019 is a video recording and capture tool designed for intuitive and efficient media organizing and metadata entry, quickly tagging and transcoding video footage and creating rough cuts on the fly. An insecure library loading DLL hijacking vulnerability exists in Adobe Prelude C...

tcpdump: Buffer over-read in print-isoclns.c:isis_print_id() in ISO IS-IS parser

The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isisprintid...

tcpdump: Buffer over-read in print-isoclns.c:esis_print() in ISO ES-IS parser

The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esisprint...

Tcpdump PIMv2 Parser Buffer Overflow Vulnerability

Tcpdump is a set of sniffing tools developed by the Tcpdump team that run at the command line. The tools allow users to intercept and display TCP/IP and other packets sent or received over a network connection to that computer.PIMv2 parser is one of the PIM multicast protocol parsers. A buffer...

Tcpdump PIM Parser Buffer Overflow Vulnerability

Tcpdump is a set of sniffing tools developed by the Tcpdump team that run at the command line. The tools allow users to intercept and display TCP/IP and other packets sent or received over a network connection to that computer.PIM parser is one of the PIM multicast protocol parsers. A buffer...

Tcpdump PPP parser buffer overflow vulnerability (CNVD-2017-28271)

Tcpdump is a set of sniffing tools developed by the Tcpdump team that run under the command line. The tools allow users to intercept and display TCP/IP and other packets sent or received over a network connection to that computer.PPP parser is one of the peer-to-peer protocol parsers. A buffer...

PT-2017-12869

Name of the Vulnerable Software and Affected Versions tcpdump versions prior to 4.9.2 Description The issue is related to a buffer over-read in the LLDP parser, specifically in the lldp mgmt addr tlv print function within print-lldp.c. Recommendations For versions prior to 4.9.2, update to versio...