MAL-2026-3258 Malicious code in @tech-global/internal-gateway-core (npm)

Dependency confusion and typosquatting campaign by threat actor "saif777". Packages use inflated version numbers 9999.9999.9999, 9999.9999.10000, 50.50.50, 7.66.5 to win version resolution in environments with private registries. All active packages execute a postinstall hook "node index.js" that...

EUVD-2024-25864

Malicious code in bioql PyPI...

CVE-2024-28778

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 is vulnerable to exposure of Artifactory API keys. This vulnerability allows users to publish code to private packages or repositories under the name of the organization...

IBM Cognos Controller和IBM Controller 信任管理问题漏洞

IBM Cognos Controller and IBM Controller are both products of International Business Machines IBM.IBM Cognos Controller is a business intelligence and planning solution. The product features process automation, financial audit control, and the creation and management of financial reports.IBM...

SUSE CVE-2004-1029

The Sun Java Plugin capability in Java 2 Runtime Environment JRE 1.4.201, 1.4.204, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using th...

Sun Java Plug-in fails to restrict access to private Java packages

Overview There is a vulnerability in the Sun Java Plug-in that could allow a malicious Java applet to bypass restrictions for untrusted applets. Description The Java Plug-in is part of the Java 2 Runtime Environment JRE and establishes a framework for displaying Java applets within a web browser...