EUVD-2012-5935

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-10753

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse- cdt, and all versions prior to version 3.0.1 for...

Malicious code in wtp-next (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-5093 Malicious code in wtp-next (npm)

--- -= Per source details. Do not edit below this line.=-...

Debian: Security Advisory (DLA-2404-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DLA-2404-1 eclipse-wtp - security update

Bulletin has no description...

SUSE SLES12 Security Update : rsyslog (SUSE-SU-2020:0424-1)

This update for rsyslog fixes the following issues : Security issues fixed : CVE-2019-17041: Fixed a heap overflow in the parser for AIX log messages bsc1153451. CVE-2019-17042: Fixed a heap overflow in the parser for Cisco log messages bsc1153459. Non-security issues fixed: Handle multiline...

Incorrect Resource Transfer Between Spheres in eclipse-wtp

In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse-cdt, and all versions prior to version 3.0.1 for eclipse-groovy, Spotless was resolving dependencies over an insecure channel http. If the build occurred over an insecure connection, a maliciou...

GHSA-GVXV-5FP2-358Q Incorrect Resource Transfer Between Spheres in eclipse-wtp

In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse-cdt, and all versions prior to version 3.0.1 for eclipse-groovy, Spotless was resolving dependencies over an insecure channel http. If the build occurred over an insecure connection, a maliciou...

Man-in-the-Middle (MitM)

spotless-eclipse-groovy, spotless-eclipse-cdt and spotless-eclipse-wtp is vulnerable to man-in-the-middle MitM. The build files in the project resolve dependencies over an insecure HTTP channel. A remote attacker could potentially modify and include malicious code in the build artifacts. Should t...

CVE-2019-10753

In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse-cdt, and all versions prior to version 3.0.1 for eclipse-groovy, Spotless was resolving dependencies over an insecure channel http. If the build occurred over an insecure connection, a maliciou...

Design/Logic Flaw

In all versions prior to version 3.9.6 for eclipse-wtp, all versions prior to version 9.4.4 for eclipse-cdt, and all versions prior to version 3.0.1 for eclipse-groovy, Spotless was resolving dependencies over an insecure channel http. If the build occurred over an insecure connection, a maliciou...

CVE-2019-10753

CVE-2019-10753 details a vulnerability in Spotless where dependencies were resolved over HTTP in affected Eclipse tooling: eclipse-wtp <3.9.6, eclipse-cdt <9.4.4, and eclipse-groovy

Unsafe Dependency Resolution

Overview com.diffplug.spotless:spotless-eclipse-wtp is a code formatting library. Affected versions of this package are vulnerable to Unsafe Dependency Resolution due to resolving dependencies over an insecure channel http. If the build occurred over an insecure connection, a malicious user could...

CVE-2015-1451

CVE-2015-1451 refers to multiple XSS vulnerabilities in Fortinet FortiOS 5.0 Patch 7 (build 4457) affecting the CAPWAP server. The issue allows remote authenticated users to inject arbitrary web script or HTML via the WTP Name or WTP Active Software Version fields in a CAPWAP Join request. Affect...

wireshark: DoS (infinite loop) in the WTP dissector (wnpa-sec-2012-37)

The dissectwtpcommon function in epan/dissectors/packet-wtp.c in the WTP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data type for a certain length field, which allows remote attackers to cause a denial of service integer overflow and infinite loop via a...

wireshark: DoS (infinite loop) in the WTP dissector (wnpa-sec-2012-37)

REJECTED CVE A denial of service flaw was found in the way WTP dissector of Wireshark, a network traffic analyzer, performed dissection of certain WTP packet capture files. A remote attacker could provide a specially-crafted WTP packet / packet capture that, once processed, would lead to excessiv...

wireshark: DoS (infinite loop) in the WTP dissector (wnpa-sec-2012-37)

REJECTED CVE A denial of service flaw was found in the way WTP dissector of Wireshark, a network traffic analyzer, performed dissection of certain WTP packet capture files. A remote attacker could provide a specially-crafted WTP packet / packet capture that, once processed, would lead to excessiv...

SuSE 11.2 Security Update : wireshark (SAT Patch Number 7240)

This update to 1.8.4 fixes the following issues : - Wireshark could leak potentially sensitive host name resolution information when working with multiple pcap-ng files. wnpa-sec-2012-30, CVE-2012-5592 - The USB dissector could go into an infinite loop. wnpa-sec-2012-31, CVE-2012-5593 - The sFlow...

Wireshark Multiple Dissector Multiple DoS Vulnerabilities - Dec12 (Windows)

This host is installed with Wireshark and is prone to multiple denial of service vulnerabilities. OpenVAS Vulnerability Test $Id: gbwiresharkmultdosvulndec12win.nasl 5912 2017-04-10 09:01:51Z teissa $ Wireshark Multiple Dissector Multiple DoS Vulnerabilities - Dec12 Windows Authors: Rachana Shett...