@bigchaindb/jwt (>=0.0.18 <=0.0.20), @compas/store (>=0.0.172 <=0.20.0) +36 more potentially affected by CVE-2025-65945 via jws (=4.0.0)

jws NPM version =4.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on jws and may be impacted: - @bigchaindb/jwt =0.0.18, =0.0.172, =11.8.0, =1.0.0-beta.2, =1.1.0, =0.0.22, =15.2.0, =17.1.6, =13.0.0, =10.1.0, =10.4.0, =10.1.0, =10.3.0-snapshot, =0.1.1...

EUVD-2015-5664

Malware in sbrugna...

MAL-2025-9891 Malicious code in @zalastax/nolb-_compas (npm)

The package @zalastax/nolb-compas was found to contain malicious code...

@compas/server (>=0.0.219 <=0.17.0), @eamic/server (>=1.0.1 <=1.0.3) +23 more potentially affected by CVE-2025-46653 via formidable (>=2.1.1 <=2.1.2)

formidable NPM version =2.1.1, =0.0.219, =1.0.1, =3.0.0-alpha.21, =1.0.10, =1.8.8, =0.141.0, =0.0.219, =1.13.0, =1.0.9, =1.3.15, =0.1.0, =0.21.7, =0.1.0, =1.1.0 and more Source cves: CVE-2025-46653 Source advisory: OSV:GHSA-75V8-2H7P-7M2M...

Siemens COMPAS移动应用的错误证书验证

No description provided by source...

Siemens COMPAS Mobile Application Input Validation Vulnerability

Siemens COMPAS Mobile application for Android is an Android-based application from Siemens for quickly searching and viewing existing quotations and orders as well as generating reports and drawings. A security vulnerability exists in versions 1.5 and earlier of the Siemens COMPAS Mobile...

CVE-2015-5717

The Siemens COMPAS Mobile application before 1.6 for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Information disclosure

The Siemens COMPAS Mobile application before 1.6 for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2015-5717

The CVE-2015-5717 issue affects Siemens COMPAS Mobile application for Android (versions prior to 1.6). The root cause is improper verification of X.509 certificates from SSL servers, enabling MITM attackers to spoof servers and exfiltrate sensitive information via a crafted certificate. Public de...

CVE-2015-5717

The Siemens COMPAS Mobile application before 1.6 for Android does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...