38 matches found
org.webjars.npm:bazel__typescript (=1.7.0), org.webjars.npm:cesium (>=1.96.0 <=1.137.0) +13 more potentially affected by CVE-2026-44295 via org.webjars.npm:protobufjs (>=6.11.3 <=8.0.0)
org.webjars.npm:protobufjs MAVEN version =6.11.3, =1.96.0, =1.0.0, =1.0.0, =10.13.0, =4.7.0, =0.3.35, =1.6.1, =0.5.2, =0.7.15 - org.webjars.npm:tiktok-live-connector =1.0.2 Source cves: CVE-2026-44295 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16643443...
org.webjars.npm:bazel__typescript (=1.7.0), org.webjars.npm:cesium (>=1.96.0 <=1.137.0) +13 more potentially affected by CVE-2026-44292 via org.webjars.npm:protobufjs (>=6.11.3 <=8.0.0)
org.webjars.npm:protobufjs MAVEN version =6.11.3, =1.96.0, =1.0.0, =1.0.0, =10.13.0, =4.7.0, =0.3.35, =1.6.1, =0.5.2, =0.7.15 - org.webjars.npm:tiktok-live-connector =1.0.2 Source cves: CVE-2026-44292 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16643320...
org.webjars.npm:bazel__typescript (=1.7.0), org.webjars.npm:cesium (>=1.96.0 <=1.137.0) +13 more potentially affected by CVE-2026-44291 via org.webjars.npm:protobufjs (>=6.11.3 <=8.0.0)
org.webjars.npm:protobufjs MAVEN version =6.11.3, =1.96.0, =1.0.0, =1.0.0, =10.13.0, =4.7.0, =0.3.35, =1.6.1, =0.5.2, =0.7.15 - org.webjars.npm:tiktok-live-connector =1.0.2 Source cves: CVE-2026-44291 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16643305...
org.webjars.npm:bazel__typescript (=1.7.0), org.webjars.npm:cesium (>=1.96.0 <=1.137.0) +13 more potentially affected by CVE-2026-44290 via org.webjars.npm:protobufjs (>=6.11.3 <=8.0.0)
org.webjars.npm:protobufjs MAVEN version =6.11.3, =1.96.0, =1.0.0, =1.0.0, =10.13.0, =4.7.0, =0.3.35, =1.6.1, =0.5.2, =0.7.15 - org.webjars.npm:tiktok-live-connector =1.0.2 Source cves: CVE-2026-44290 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16643420...
org.webjars.npm:bazel__typescript (=1.7.0), org.webjars.npm:cesium (>=1.96.0 <=1.137.0) +13 more potentially affected by CVE-2026-44288 via org.webjars.npm:protobufjs (>=6.11.3 <=8.0.0)
org.webjars.npm:protobufjs MAVEN version =6.11.3, =1.96.0, =1.0.0, =1.0.0, =10.13.0, =4.7.0, =0.3.35, =1.6.1, =0.5.2, =0.7.15 - org.webjars.npm:tiktok-live-connector =1.0.2 Source cves: CVE-2026-44288 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16643235...
CVE-2026-35383
Bentley Systems iTwin Platform exposed a Cesium ion access token in the source of some web pages. An unauthenticated attacker could use this token to enumerate or delete certain assets. As of 2026-03-27, the token is no longer present in the web pages and cannot be used to enumerate or delete...
EUVD-2026-18544
Bentley Systems iTwin Platform exposed a Cesium ion access token in the source of some web pages. An unauthenticated attacker could use this token to enumerate or delete certain assets. As of 2026-03-27, the token is no longer present in the web pages and cannot be used to enumerate or delete...
CVE-2026-35383
Bentley Systems iTwin Platform exposed a Cesium ion access token in the source of some web pages. An unauthenticated attacker could use this token to enumerate or delete certain assets. As of 2026-03-27, the token is no longer present in the web pages and cannot be used to enumerate or delete...
CVE-2026-35383 Bentley Systems iTwin Platform exposed access token
Bentley Systems iTwin Platform exposed a Cesium ion access token in the source of some web pages. An unauthenticated attacker could use this token to enumerate or delete certain assets. As of 2026-03-27, the token is no longer present in the web pages and cannot be used to enumerate or delete...
CVE-2026-35383
Bentley Systems iTwin Platform exposed a Cesium ion access token in the source of some web pages. An unauthenticated attacker could use this token to enumerate or delete certain assets. As of 2026-03-27, the token is no longer present in the web pages and cannot be used to enumerate or delete...
CVE-2026-35383 Bentley Systems iTwin Platform exposed access token
Bentley Systems iTwin Platform exposed a Cesium ion access token in the source of some web pages. An unauthenticated attacker could use this token to enumerate or delete certain assets. As of 2026-03-27, the token is no longer present in the web pages and cannot be used to enumerate or delete...
CVE-2026-35383
Bentley Systems iTwin Platform exposed a Cesium ion access token in the source of some web pages. An unauthenticated attacker could have used this token to enumerate or delete assets. As of 2026-03-27, the token is no longer present in the pages and cannot be used to enumerate or delete assets. T...
Bentley Systems iTwin Platform exposed access token
RISK EVALUATION Bentley Systems iTwin Platform exposed a Cesium ion access token in the source of some web pages. An unauthenticated attacker could use this token to enumerate or delete certain assets. 2. RECOMMENDED PRACTICES As of 2026-03-27, the token is no longer present in the web pages and...
PT-2026-29884
Bentley Systems iTwin Platform exposed a Cesium ion access token in the source of some web pages. An unauthenticated attacker could use this token to enumerate or delete certain assets. As of 2026-03-27, the token is no longer present in the web pages and cannot be used to enumerate or delete...
CVE-2026-3990
A security flaw has been discovered in CesiumGS CesiumJS up to 1.137.0. Affected by this issue is some unknown functionality of the file Apps/Sandcastle/standalone.html. The manipulation of the argument c results in cross site scripting. The attack can be launched remotely. The exploit has been...
EUVD-2014-1632
Malware in sbrugna...
Weston Embedded uC-HTTP HTTP Server form boundary memory corruption vulnerability
Talos Vulnerability Report TALOS-2023-1738 Weston Embedded uC-HTTP HTTP Server form boundary memory corruption vulnerability November 14, 2023 CVE Number CVE-2023-28379 SUMMARY A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP...
Weston Embedded uC-HTTP HTTP Server memory corruption vulnerability
Talos Vulnerability Report TALOS-2023-1732 Weston Embedded uC-HTTP HTTP Server memory corruption vulnerability November 14, 2023 CVE Number CVE-2023-28391 SUMMARY A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01. Speciall...
Weston Embedded uC-HTTP HTTP Server form boundary heap-based buffer overflow vulnerability
Talos Vulnerability Report TALOS-2023-1733 Weston Embedded uC-HTTP HTTP Server form boundary heap-based buffer overflow vulnerability November 14, 2023 CVE Number CVE-2023-27882 SUMMARY A heap-based buffer overflow vulnerability exists in the HTTP Server form boundary functionality of Weston...
SUSE CVE-2014-1556
Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to execute arbitrary code via crafted WebGL content constructed with the Cesium JavaScript library...