580 matches found
CVE-2025-11344
CVE-2025-11344 affects the ILIAS open-source learning platform in versions up to 8.23, 9.13, and 10.1. The vulnerability involves an unknown function within the Certificate Import Handler that can be manipulated to achieve Remote Code Execution . Exploitation may be possible remotely. A fix is pu...
CVE-2025-11344 ILIAS Certificate Import code injection
A vulnerability was detected in ILIAS up to 8.23/9.13/10.1. Affected by this vulnerability is an unknown functionality of the component Certificate Import Handler. The manipulation results in Remote Code Execution. The attack may be performed from remote. Upgrading to version 8.24, 9.14 and 10.2...
PT-2025-40942
Name of the Vulnerable Software and Affected Versions ILIAS versions up to 8.23 ILIAS versions up to 9.13 ILIAS versions up to 10.1 Description A flaw exists due to deserialization in the unserialize function of the Test Import component. This manipulation can be initiated remotely. Recommendatio...
EUVD-2023-47314
Malicious code in bioql PyPI...
EUVD-2023-47371
Malicious code in bioql PyPI...
EUVD-2021-8654
Malicious code in bioql PyPI...
EUVD-2025-26077
Malicious code in bioql PyPI...
EUVD-2022-0535
Malicious code in bioql PyPI...
CVE-2025-34520
An authentication bypass vulnerability in Arcserve Unified Data Protection UDP allows unauthenticated attackers to gain unauthorized access to protected functionality or user accounts. By manipulating specific request parameters or exploiting a logic flaw, an attacker can bypass login mechanisms...
CVE-2025-34522
A heap-based buffer overflow vulnerability exists in the input parsing logic of Arcserve Unified Data Protection UDP. This flaw can be triggered without authentication by sending specially crafted input to the target system. Improper bounds checking allows an attacker to overwrite heap memory,...
Vulnerabilities fixed in Arcserve Unified Data Protection
Arcserve has fixed vulnerabilities in Arcserve Unified Data Protection UDP for all versions prior to 10.2. The vulnerabilities include an authentication bypass that allows unauthenticated malicious parties to access protected functions, a reflected cross-site scripting XSS vulnerability that allo...
CVE-2025-34523
A heap-based buffer overflow vulnerability exists in the exists in the network-facing input handling routines of Arcserve Unified Data Protection UDP. This flaw is reachable without authentication and results from improper bounds checking when processing attacker-controlled input. By sending...
CVE-2025-34521
A reflected cross-site scripting XSS vulnerability exists in the web interface of the Arcserve Unified Data Protection UDP, where unsanitized user input is improperly reflected in HTTP responses. This flaw allows remote attackers with low privileges to craft malicious links that, when visited by...
CVE-2025-34520 Arcserve UDP < 10.2 Authentication Bypass
An authentication bypass vulnerability in Arcserve Unified Data Protection UDP allows unauthenticated attackers to gain unauthorized access to protected functionality or user accounts. By manipulating specific request parameters or exploiting a logic flaw, an attacker can bypass login mechanisms...
CVE-2025-34521
A reflected cross-site scripting XSS vulnerability exists in the web interface of the Arcserve Unified Data Protection UDP, where unsanitized user input is improperly reflected in HTTP responses. This flaw allows remote attackers with low privileges to craft malicious links that, when visited by...
CVE-2025-34521 Arcserve UDP < 10.2 Reflected Cross-Site Scripting (XSS)
A reflected cross-site scripting XSS vulnerability exists in the web interface of the Arcserve Unified Data Protection UDP, where unsanitized user input is improperly reflected in HTTP responses. This flaw allows remote attackers with low privileges to craft malicious links that, when visited by...
CVE-2025-34522 Arcserve UDP < 10.2 Pre-Authentication Heap Overflow
A heap-based buffer overflow vulnerability exists in the input parsing logic of Arcserve Unified Data Protection UDP. This flaw can be triggered without authentication by sending specially crafted input to the target system. Improper bounds checking allows an attacker to overwrite heap memory,...
CVE-2025-34522
Arcserve UDP contains a pre-auth heap-based buffer overflow in its input parsing logic (UDP
CVE-2025-34522
A heap-based buffer overflow vulnerability exists in the input parsing logic of Arcserve Unified Data Protection UDP. This flaw can be triggered without authentication by sending specially crafted input to the target system. Improper bounds checking allows an attacker to overwrite heap memory,...
CVE-2025-34523 Arcserve UDP < 10.2 Pre-Authentication Heap Overflow
A heap-based buffer overflow vulnerability exists in the network-facing input handling routines of Arcserve Unified Data Protection UDP. This flaw is reachable without authentication and results from improper bounds checking when processing attacker-controlled input. By sending specially crafted...