
12 matches found

Github Security Blog
added 2026/04/17 6:31 p.m. · 5 views

Bouncy Castle Has Covert Timing Channel Vulnerability

Covert timing channel vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA core on all core modules. This vulnerability is associated with program files FrodoEngine.Java. This issue affects BC-JAVA: from 1.71 before 1.84...

9.9 CVSS · 5.3 AI score · 0.00022 EPSS
Exploits 0 · References 5 · Affected Software 3
vulnersOsv
added 2026/04/15 10:13 a.m. · 5 views

app.cash.backfila:client-misk-hibernate (>=2025.05.13.195510-03b951f <=2026.03.26.140500-911435f), app.cash.backfila:service (>=2025.05.13.195510-03b951f <=2026.03.26.140500-911435f) +1011 more potentially affected by CVE-2026-3505 via org.bouncycastle:bcpg-jdk18on (>=1.71 <=1.83)

org.bouncycastle:bcpg-jdk18on MAVEN version =1.71, =2025.05.13.195510-03b951f, =2025.05.13.195510-03b951f, =2025.05.13.195510-03b951f, =1.0.0, =1.0.0, =1.1, =1.5.0, =0.1.0, =4.0.0, =7.0.0 and more Source cves: CVE-2026-3505 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-16073606...

8.7 CVSS · 5.8 AI score · 0.00019 EPSS
Exploits 0
CNNVD
added 2025/06/27 12:00 a.m. · 2 views

WordPress plugin WPB Category Slider for WooCommerce security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

7.5 CVSS · 6.5 AI score · 0.00423 EPSS
Exploits 0 · References 2
CNNVD
added 2024/11/25 12:00 a.m. · 2 views

Eaton IPP security vulnerability

Eaton IPP is a power management software from Eaton Corporation USA. A security vulnerability exists in Eaton IPP versions prior to v1.71 that stems from the presence of a default credentials issue that could lead an attacker to identify and access vulnerable systems...

6.7 CVSS · 6.6 AI score · 0.00034 EPSS
Exploits 0 · References 1
Positive Technologies
added 2024/11/25 12:00 a.m. · 3 views

PT-2024-11583 · Eaton · Ipp

Name of the Vulnerable Software and Affected Versions: IPP versions prior to v1.71 Description: The issue is related to insufficient verification of data authenticity, causing the software to accept invalid data. This affects multiple versions of the Eaton products. Recommendations: For versions...

5.1 CVSS · 7 AI score · 0.0005 EPSS
Exploits 0 · References 6
Positive Technologies
added 2024/11/25 12:00 a.m. · 2 views

PT-2024-11584 · Ipp · Ipp

Name of the Vulnerable Software and Affected Versions: IPP software versions prior to 1.71 Description: The issue is related to a default credential vulnerability. This could lead attackers to identify and access vulnerable systems. Recommendations: For versions prior to 1.71, update to version...

6.7 CVSS · 7.1 AI score · 0.00034 EPSS
Exploits 0 · References 5
OSV
added 2022/05/24 5:10 p.m. · 0 views

GHSA-QVHF-3567-PC4V Sandbox bypass vulnerability in Script Security Plugin

Sandbox protection in Script Security Plugin 1.70 and earlier can be circumvented through: - Crafted constructor calls and bodies due to an incomplete fix of SECURITY-582 - Crafted method calls on objects that implement GroovyInterceptable This allows attackers able to specify and run sandboxed...

8.8 CVSS · 6.2 AI score · 0.00183 EPSS
Exploits 0 · References 5
0day.today
added 2019/11/04 12:00 a.m. · 167 views

Ayukov NFTP client 1.71 - (SYST) Buffer Overflow Exploit

Exploit Title: Ayukov NFTP client 1.71 - 'SYST' Buffer Overflow Exploit Author: Chase Hatch SYANiDE Vendor Homepage: http://ayukov.com/nftp/ Software Link: ftp://ftp.ayukov.com/pub/nftp/nftp-1.71-i386-win32.exe Version: 1.71 Tested on: Windows XP Pro SP0, SP1, SP2, SP3 CVE :...

9.8 CVSS · 9.5 AI score · 0.81586 EPSS
Exploits 16
Positive Technologies
added 2019/03/08 12:00 a.m. · 3 views

PT-2019-2302 · Jenkins · Jenkins Job Dsl Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Job DSL Plugin versions 1.71 and earlier Description: A sandbox bypass issue exists that allows attackers with control over Job DSL definitions to execute arbitrary code on the Jenkins master JVM. The vulnerability is related to error...

9.9 CVSS · 9.4 AI score · 0.01799 EPSS
Exploits 0 · References 10
Exploit DB
added 2010/04/08 12:00 a.m. · 20 views

Tiny Java Web Server 1.71 - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/39666/info Tiny Java Web Server is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input. These vulnerabilities include a directory-traversal vulnerability, an open-redirection vulnerability, and a...

7.4 AI score
Exploits 0
NVD
added 2008/06/06 6:32 p.m. · 9 views

CVE-2008-2570

Multiple unspecified vulnerabilities in LimeSurvey formerly PHPSurveyor before 1.71 have unknown impact and attack vectors...

9.3 CVSS · 6.8 AI score · 0.00402 EPSS
Exploits 0 · References 5
OpenVAS
added 2005/11/03 12:00 a.m. · 24 views

Multiple WarFTPd DoS

The remote WarFTPd server is running a 1.71 version. It is possible for a remote user to cause a denial of service on a host running Serv-U FTP Server, G6 FTP Server or WarFTPd Server. Repeatedly submitting an 'a:/' GET or RETR request, appended with arbitrary data, will cause the CPU usage to...

0.3 AI score
Exploits 0