Malicious code in verify-tactiva-mec (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 85fa9b47869c28dc4208e7ba320ed63dc746289c75553c6eec0486872ccd1e80 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2025-146351

Malicious code in verify-tactiva-mec npm...

Malicious code in @abg-mec/fwk-fe-devcraft (npm)

The package @abg-mec/fwk-fe-devcraft was found to contain malicious code...

Secret Sharing in 5G-MEC: Applicability for Joint Security and Dependability

Multi-access Edge Computing MEC, an enhancement of 5G, processes data closer to its generation point, reducing latency and network load. However, the distributed and edge-based nature of 5G-MEC presents privacy and security challenges, including data exposure risks. Ensuring efficient manipulatio...

CVE-2021-31887

A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and...

ares.cnice.mec.es Cross Site Scripting vulnerability OBB-3899690

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ai-mec.com Improper Access Control vulnerability OBB-3791660

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

staging.carnegie-mec.org Cross Site Scripting vulnerability OBB-3522833

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Veeam Support for Azure Public MEC

Overview Veeam supports using Veeam Agent for Microsoft Windows and Veeam Agent for Linux to backup virtual machines running on Azure Public MEC. Azure Public MEC is a low-latency offering, fully manageable within the Azure portal, and links to standard Azure management and services. Services...

CVE-2022-38371

A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 =...

CVE-2022-38371

A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 = V2.3 =...

PT-2021-16381 · WordPress · Modern Events Calendar Lite

Name of the Vulnerable Software and Affected Versions: The Modern Events Calendar Lite WordPress plugin versions prior to 6.1.5 Description: The issue is related to an unauthenticated SQL injection problem. It occurs because the time parameter is not properly sanitised and escaped before being us...

VulnCheck KEV: CVE-2021-24946

The Modern Events Calendar Lite WordPress plugin before 6.1.5 does not sanitise and escape the time parameter before using it in a SQL statement in the mecloadsinglepage AJAX action, available to unauthenticated users, leading to an unauthenticated SQL injection issue...

CVE-2021-31888

A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and...

CVE-2021-31890

A vulnerability has been identified in Capital Embedded AR Classic 431-422 All versions, Capital Embedded AR Classic R20-11 All versions V2303, PLUSCONTROL 1st Gen All versions, SIMOTICS CONNECT 400 All versions V0.5.0.0, SIMOTICS CONNECT 400 All versions V1.0.0.0. The total length of an TCP...

CVE-2021-31882

A vulnerability has been identified in Capital Embedded AR Classic 431-422 All versions, Capital Embedded AR Classic R20-11 All versions V2303. The DHCP client application does not validate the length of the Domain Name Server IP options 0x06 when processing DHCP ACK packets. This may lead to...

Design/Logic Flaw

A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and...

CVE-2021-31888

A vulnerability has been identified in APOGEE MBC PPC BACnet All versions, APOGEE MBC PPC P2 Ethernet All versions, APOGEE MEC PPC BACnet All versions, APOGEE MEC PPC P2 Ethernet All versions, APOGEE PXC Compact BACnet All versions = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and = V2.3 and...

CVE-2021-31885

CVE-2021-31885 : TFTP memory buffer reading vulnerability reported in Siemens Nucleus APOGEE/MBC/TALON/TALON-related products (PPC/BACnet, P2 Ethernet, Desigo PXC, PXM, Nucleus NET, etc.) where a malformed TFTP command can read the contents of the TFTP memory buffer. Source documents from the vul...

CVE-2021-31884

CVE-2021-31884 affects Siemens Nucleus/APOGEE/TALON family (MBC/MEC/PXC/Nucleus) with a DHCP client hostname option handling flaw. The DHCP hostname data is not guaranteed to be NULL-terminated, which can cause out-of-bounds reads/writes and Denial-of-Service. The available connected sources conf...