12807 matches found
CVE-2026-48267 DNG SDK | NULL Pointer Dereference (CWE-476)
DNG SDK versions 1.7.1 2536 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue...
EUVD-2026-41920
DNG SDK versions 1.7.1 2536 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue...
Malicious code in xnder-sdk-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0aeeac149a5afa4797eea935b2a54b66fcf2cfd939fce855655208245ba9e5a7 The package's index.js is heavily obfuscated string-array shift/rotate pattern with hex-encoded indices and a while!! decoder loop. Obfuscation of th...
MAL-2026-6906 Malicious code in xnder-sdk-js (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0aeeac149a5afa4797eea935b2a54b66fcf2cfd939fce855655208245ba9e5a7 The package's index.js is heavily obfuscated string-array shift/rotate pattern with hex-encoded indices and a while!! decoder loop. Obfuscation of th...
Malicious code in sol-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea6f550ff0944a5125136900111863f7ec99ea46c3f2472181c87ed2b8ce8c57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6879 Malicious code in sol-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ea6f550ff0944a5125136900111863f7ec99ea46c3f2472181c87ed2b8ce8c57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in polymarket-onchain-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 73556a574d8ee416a5440f889b73cafff3b464650d6b2b2caf4001ce15086f6c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PYSEC-2026-784 Microsoft: CBC Padding Oracle in Azure Blob Storage Encryption Library
Summary The Azure Storage Encryption library in Java and other languages is vulnerable to a CBC Padding Oracle attack, similar to CVE-2020-8911. The library is not vulnerable to the equivalent of CVE-2020-8912, but only because it currently only supports AES-CBC as encryption mode. Severity...
PT-2026-55996
Name of the Vulnerable Software and Affected Versions DNG SDK versions 1.7.1 2536 and earlier Description A NULL Pointer Dereference occurs when the software attempts to read from a memory address that is NULL, causing the application to crash. This issue can lead to a denial-of-service condition...
MAL-2026-6738 Malicious code in @jacobtan/decode-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a99e8b0d7812c216410fc0ff557698f61a595d4ded8579c18fab63ab3ac8b924 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2026-55206
Name of the Vulnerable Software and Affected Versions @hey-api/openapi-ts versions prior to 0.97.3 Description An issue exists in the dist/clients/core/params.ts file, which is used as a runtime template in generated SDKs. The buildClientParams function fails to validate unknown keys that start...
CVE-2026-49451
The OpenAPI.NET SDK contains a useful object model for OpenAPI documents in .NET along with common serializers to extract raw OpenAPI JSON and YAML documents from the model. From 2.0.0-preview11 until 2.7.5 and 3.5.4, a small OpenAPI document containing a circular schema reference can cause proce...
Malicious code in @orbis-lr-sdk/orbis-lr-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 447ee314f32023031250cefe4570378f31d8055a02384eccecb5c288ae6e2405 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6635 Malicious code in @orbis-lr-sdk/orbis-lr-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 447ee314f32023031250cefe4570378f31d8055a02384eccecb5c288ae6e2405 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2026-6640 Malicious code in @rakuten-rewards/messaging-sdk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5881076c822a732d6344ff3614bf7437722ca46d9d5f5dbdf3105586fa078dd4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PYSEC-2026-531 Semantic Kernel has Arbitrary File Write via AI Agent Function Calling in .NET SDK
Impact What kind of vulnerability is it? Who is impacted? An Arbitrary File Write vulnerability has been identified in Microsoft's Semantic Kernel .NET SDK, specifically within the SessionsPythonPlugin. Developers who have built applications which include Microsoft's Semantic Kernel .NET SDK and...
[SECURITY] Fedora 44 Update: dotnet10.0-10.0.109-1.fc44
.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...
[SECURITY] Fedora 44 Update: dotnet9.0-9.0.118-1.fc44
.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...
Fedora 43 : dotnet10.0 (2026-a424c1061e)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-a424c1061e advisory. Update to .NET SDK 10.0.109 and Runtime 10.0.9 Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591 Release Notes: - SDK:...
Fedora 43 : dotnet8.0 (2026-2f80369c73)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2f80369c73 advisory. Update to .NET SDK 8.0.128 and Runtime 8.0.28 Fixes: CVE-2026-45490,CVE-2026-45491,CVE-2026-45591 Release Notes: - SDK:...