EUVD-2025-24991

Malicious code in bioql PyPI...

WordPress plugin Bit Form builder code problem vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A file upload vulnerability exists in WordPress plugin Bit Form builder 2.20.4 and earlier versions, whi...

CVE-2025-6679

The Bit Form builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 2.20.4. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote co...

PT-2022-16921

Name of the Vulnerable Software and Affected Versions GeoServer versions prior to 2.21.0 GeoServer versions prior to 2.20.4 GeoServer versions prior to 1.19.6 Description The GeoServer security mechanism can perform an unchecked JNDI lookup, which can be used to perform class deserialization and...

Apport Arbitrary Code Execution Vulnerability

Ubuntu is a desktop-oriented GNU/Linux operating system developed by Canonical and the Ubuntu Foundation, and Apport is a toolkit that collects and provides feedback on errors information that the operating system finds useful when an application crashes. A security vulnerability exists in versio...

Cross site scripting

Cross-site scripting XSS vulnerability in enterbug.cgi in Bugzilla 2.17.1 through 2.20.4, 2.22.x before 2.22.3, and 3.x before 3.0.1 allows remote attackers to inject arbitrary web script or HTML via the buildid field in the "guided form."...

Mozilla Bugzilla HTML注入及信息泄露漏洞

Bugzilla是很多软件项目都在使用的基于Web的bug跟踪系统。 Mozilla Bugzilla的几个功能模块实现上存在漏洞，远程攻击者可能利用这些漏洞非授权访问用户机器或获取敏感信息。 Bugzilla没有正确地转义一些Atom feed中所生成的字段，如果feed阅读器支持JavaScript且正确地实现了Atom feed规范的话，就可能导致执行跨站脚本。...