MiracleLinux 4 : xalan-j2-2.7.0-9.9.AXS4 (AXSA:2014-224:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-224:01 advisory. Xalan is an XSLT processor for transforming XML documents into HTML, text, or other XML document types. It implements the W3C Recommendations for XSL...

CVE-2019-2633

Vulnerability in the Oracle Work in Process component of Oracle E-Business Suite subcomponent: Messages. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows low privileged attacker with network...

CVE-2025-12762

pgAdmin versions up to 9.9 are affected by a Remote Code Execution RCE vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical...

EUVD-2020-22380

Malware in sbrugna...

EUVD-2008-7050

Malware in sbrugna...

EUVD-2021-22319

Malware in sbrugna...

EUVD-2018-14965

Malware in sbrugna...

EUVD-2017-12624

Malware in sbrugna...

EUVD-2025-29358

Malicious code in bioql PyPI...

EUVD-2024-18724

Malicious code in bioql PyPI...

EUVD-2022-26615

Malicious code in bioql PyPI...

WordPress Code Engine Plugin <= 0.3.3 - Remote Code Execution (RCE) Vulnerability

Remote Code Execution RCE Vulnerability discovered by theviper17 in WordPress Plugin Code Engine versions = 0.3.3...

CVE-2019-2638

Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite subcomponent: Consolidation Hierarchy Viewer. Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows low privileged...

OpenBSD OpenSSH 7.4 - 9.9 Unspecified Vulnerability

OpenBSD OpenSSH is prone to an unspecified vulnerability due to a logic error. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2025-21556

Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain component: Agile Integration Services. The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Agile PLM...

Oracle Releases January 2025 Patch to Address 318 Flaws Across Major Products

Oracle is urging customers to apply its January 2025 Critical Patch Update CPU to address 318 new security vulnerabilities spanning its products and services. The most severe of the flaws is a bug in the Oracle Agile Product Lifecycle Management PLM Framework CVE-2025-21556, CVSS score: 9.9 that...

CVE-2025-21556

Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain component: Agile Integration Services. The supported version that is affected is 9.3.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Agile PLM...

PT-2024-17506 · Mattermost · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost versions 9.7.x through 9.7.5 Mattermost versions 9.8.x through 9.8.2 Mattermost versions 9.9.x through 9.9.2 Description: The issue arises from the failure to properly propagate permission scheme updates across cluster nodes. This...

Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console

Veeam has released security updates to address a critical flaw impacting Service Provider Console VSPC that could pave the way for remote code execution on susceptible instances. The vulnerability, tracked as CVE-2024-42448, carries a CVSS score of 9.9 out of a maximum of 10.0. The company noted...

LoLLMs 跨站请求伪造漏洞

LoLLMs is a Web UI for a large language multimodal system by the individual developer Saifeddine ALOUI. A cross-site request forgery vulnerability exists in LoLLMs version v9.9, which stems from the presence of a cross-site request forgery CSRF vulnerability that allows an attacker to trick a...