13 matches found
CVE-2025-62784
InventoryGui is a library for creating chest GUIs for Bukkit/Spigot plugins. Versions before 1.6.5 contain a vulnerability where any plugin using a GUI with the GuiStorageElement and allows taking out items out of that element can allow item duplication when the experimental Bundle item feature i...
CVE-2025-62784
InventoryGui is a library for creating chest GUIs for Bukkit/Spigot plugins. Versions before 1.6.5 contain a vulnerability where any plugin using a GUI with the GuiStorageElement and allows taking out items out of that element can allow item duplication when the experimental Bundle item feature i...
CVE-2025-62784 InventoryGui allows item duplication in GUIs which use GuiStorageElement
InventoryGui is a library for creating chest GUIs for Bukkit/Spigot plugins. Versions before 1.6.5 contain a vulnerability where any plugin using a GUI with the GuiStorageElement and allows taking out items out of that element can allow item duplication when the experimental Bundle item feature i...
CVE-2025-62784 InventoryGui allows item duplication in GUIs which use GuiStorageElement
InventoryGui is a library for creating chest GUIs for Bukkit/Spigot plugins. Versions before 1.6.5 contain a vulnerability where any plugin using a GUI with the GuiStorageElement and allows taking out items out of that element can allow item duplication when the experimental Bundle item feature i...
PT-2025-44049
Name of the Vulnerable Software and Affected Versions InventoryGui versions prior to 1.6.5 Description InventoryGui is a library used for creating chest GUIs for Bukkit/Spigot plugins. A flaw exists in versions before 1.6.5 where item duplication can occur. This happens when a plugin utilizes a G...
EUVD-2023-35202
Malicious code in bioql PyPI...
ai.optfor:spring-openai-api (>=0.1.3 <=0.3.25), ai.timefold.solver:timefold-solver-spring-boot-autoconfigure (>=1.0.0 <=1.4.0) +7517 more potentially affected by CVE-2024-38820 via org.springframework:spring-context (>=6.0.0 <=6.0.23)
org.springframework:spring-context MAVEN version =6.0.0, =0.1.3, =1.0.0, =1.0.0, =0.1.6, =0.0.2, =0.0.6, =0.0.6, =1.3.0, =4.6.18, =4.0.0, =1.0.0, =2.1.0.RELEASE, =2.1.2.RELEASE and more Source cves: CVE-2024-38820 Source advisory: OSV:GHSA-4GC7-5J7H-4QPH...
CVE-2023-30859 Spigot Command Exploit in Triton
Triton is a Minecraft plugin for Spigot and BungeeCord that helps you translate your Minecraft server. The CustomPayload packet allows you to execute commands on the spigot/bukkit console. When you enable bungee mode in the config it will enable the bungee bridge and the server will begin to...
CVE-2023-30859
Triton (Minecraft plugin for Spigot/BungeeCord) is affected. The vulnerability stems from the CustomPayload packet allowing execution of commands on the spigot/bukkit console when bungee mode is enabled, broadcasting the triton:main channel. Attackers could send a payload (byte 2 + string command...
CVE-2023-30859 Spigot Command Exploit in Triton
Triton is a Minecraft plugin for Spigot and BungeeCord that helps you translate your Minecraft server. The CustomPayload packet allows you to execute commands on the spigot/bukkit console. When you enable bungee mode in the config it will enable the bungee bridge and the server will begin to...
PT-2023-23015 · Triton +2 · Triton +2
Name of the Vulnerable Software and Affected Versions: Triton versions prior to 3.8.4 Description: The issue affects the Triton Minecraft plugin for Spigot and BungeeCord, allowing execution of commands on the spigot/bukkit console through the CustomPayload packet. When bungee mode is enabled in...
JVN#53278122: Minecraft Java Edition vulnerable to directory traversal
Minecraft Java Edition provided by Mojang Studios contains a directory traversal vulnerability CWE-22. Impact Arbitrary JSON files on the system using the product may be deleted by an attacker. Solution Update Minecraft Update Minecraft to the latest version according to the information provided ...
FreeBSD signal DoS
ptrace and spigot device allow to generate signal with negative or out of range valur leading to system panic...