Improper Validation of Certificate with Host Mismatch

Overview Affected versions of this package are vulnerable to Improper Validation of Certificate with Host Mismatch due to the NiFiRegistryHostnameVerifier checking hostnames against subjectAltNames on any certificate in the TLS chain instead of verifying only the leaf/server certificate. An...

MAL-2025-188452 Malicious code in optimize-css-assets-webpack-plugin-terser-rollup-plugin-registry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9abf544e29423b7c4a79b3a0794c0292360330e730a5ed59e506c1cfdb40799 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

@ionic/cli-plugin-ionic1 (>=0.0.2 <=0.0.3), @phoenix-plugin-registry/com.vevedh.ioniccli (=1.1.2) +21 more potentially affected by CVE-2015-1164 via serve-static (>=1.7.0 <=1.7.1)

serve-static NPM version =1.7.0, =0.0.2, =1.1.0, =0.0.1, =0.0.1, =0.1.0, =1.0.0, =1.0.0, =1.2.9, =0.0.9, =0.0.1, =0.0.1, =1.0.0, =0.0.1, =0.0.5 - isz =0.0.2 and more Source cves: CVE-2015-1164 Source advisory: OSV:GHSA-C3X7-GJMX-R2FF...

On servers after installing the hotfix XA650R07W2K8R2X64017 the IMA service won't start.

On several servers after installing the hotfix XA650R07W2K8R2X64017 the IMA service won't start anymore although no error was returned during Hotfix installation. In the IMA Runtime registry, the Currently Loading Plugin will have MfSrvss.dll. Moreover, when checking the Certificate settings for...