21 matches found
Malicious code in polymer-ids-raf (npm)
Source: amazon-inspector (cecc24344f80327cd8a99203e40ddbbcbabd9cb3942acd33e56542fb9ddbd3a6) This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-138611
Malicious code in polymer-afaj-raf npm...
EUVD-2025-137515
Malicious code in polymer-ids-raf npm...
raf-mix.com.pl Cross Site Scripting vulnerability OBB-3896935
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Fedora: Security Advisory for LibRaw (FEDORA-2023-659606fa84)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
[SECURITY] Fedora 38 Update: LibRaw-0.21.1-4.fc38
LibRaw is a library for reading RAW files obtained from digital photo cameras (CRW/CR2, NEF, RAF, DNG, and others). LibRaw is based on the source codes of the dcraw utility, where part of drawbacks have already been eliminated and part will be fixed in future...
Fedora: Security Advisory for LibRaw (FEDORA-2020-2d9d628dd2)
The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for LibRaw (FEDORA-2020-c6fa12cfb1)
The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
raf-leasing.ru Cross Site Scripting vulnerability OBB-1205012
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
Buffer Over-read
libexiv2.so is vulnerable to buffer over-read. The function RafImage::readMetadata in rafimage.cpp ignores the buffer size when reading metadata of raf images which can lead to an out-of-bounds read...
Fedora Update for LibRaw FEDORA-2018-801432b551
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Security Bulletin: Vulnerabilities in OpenSSL affect Rational Automation Framework (CVE-2015-1790)
Summary: OpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. OpenSSL is used by Rational Automation Framework. Rational Automation Framework has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2015-1790 DESCRIPTION: OpenSSL is vulnerable to a denial of...
Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects Rational Automation Framework (CVE-2015-4000)
Summary: The Logjam Attack on TLS connections using the Diffie-Hellman (DH) key exchange protocol affects Rational Automation Framework. Vulnerability Details: CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the failure to...
Security Bulletin: Open Source Tomcat vulnerabilities in May 2014 X-Force Report (CVE-2014-0075, CVE-2014-0099) for RAF
Summary: Previous releases of IBM Rational Automation Framework (RAF) are affected by the vulnerabilities in Apache Tomcat that may allow remote attackers to influence the availability of the Framework Server. Vulnerability Details...
Security Bulletin: Open Source Apache HTTP vulnerabilities (CVE-2014-0098) for RAF
Summary: Previous releases of IBM Rational Automation Framework (RAF) are affected by the vulnerabilities in Apache HTTP Server that may allow remote attackers to influence the availability of the Framework Server. Vulnerability Details...
raf.mod.uk XSS vulnerability
Vulnerable URL: https://www.raf.mod.uk/search/index.cfm?searchtext=+Search+this+site"'--!=Go

Details:

Description| Value
---|---
Patched:| Yes, at
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| Unknown / Not calculated
VIP website status:| No

Coordinated Disclosure...
raf.mod.uk XSS vulnerability
Vulnerable URL: http://www.raf.mod.uk/aircadets/search/index.cfm

Details:

Description| Value
---|---
Patched:| Yes, at
Vulnerability type:| XSS
Vulnerability status:| Publicly disclosed
Alexa Rank| 87794
VIP website status:| No
Check raf.mod.uk SSL connection:| Grade: A+

Coordinated Disclosure...
raf.mod.uk XSS vulnerability
Vulnerable URL:...
raf.mod.uk XSS vulnerability
Vulnerable URL: http://www.raf.mod.uk/aircadets/newsandevents/index.cfm?tag=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E

Details:

Description| Value
---|---
Patched:| Yes, at 13.03.2017
Latest check for patch:| 13.03.2017 12:09 GMT
Vulnerability type:| XSS
Vulnerability status:| Publicly disclos...
CVE-2012-4816
CVE-2012-4816 affects IBM Rational Automation Framework (RAF) 3.0 and later. An attacker can bypass the Environment Wizard access controls by visiting context roots via the RAF web UI on port 8080, bypassing the intended restrictions. The IBM Security Bulletin (E103076C...) confirms the vulnerabi...