431 matches found
EUVD-2022-24673
Malicious code in bioql PyPI...
EUVD-2025-23144
Malicious code in bioql PyPI...
EUVD-2023-12712
Malicious code in bioql PyPI...
EUVD-2022-52775
Malicious code in bioql PyPI...
EUVD-2025-18302
Malicious code in bioql PyPI...
EUVD-2024-48621
Malicious code in bioql PyPI...
EUVD-2022-5488
Malicious code in bioql PyPI...
DMLDroid: Deep Multimodal Fusion Framework for Android Malware Detection with Resilience to Code Obfuscation and Adversarial Perturbations
In recent years, learning-based Android malware detection has seen significant advancements, with detectors generally falling into three categories: string-based, image-based, and graph-based approaches. While these methods have shown strong detection performance, they often struggle to sustain...
CVE-2025-52548
E3 Site Supervisor Control firmware version 2.31F01 contains a hidden API call in the application services that enables SSH and Shellinabox, which exist but are disabled by default. An attacker with admin access to the application services can utilize this API to enable remote access to the...
Copeland E3 Supervisory Control 安全漏洞
Copeland E3 Supervisory Control is an industrial equipment control system from Copeland, USA. A security vulnerability exists in Copeland E3 Supervisory Control versions prior to 2.31F01, which stems from a hidden API call that could result in enabling remote access to the underlying operating...
Linux Distros Unpatched Vulnerability : CVE-2021-39889
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions of GitLab EE since version 14.1, due to an insecure direct object reference vulnerability, an endpoint may reveal the protected branch name to a...
CVE-2025-8285
Mattermost Confluence Plugin version 1.5.0 fails to check the access of the user to the channel which allows attackers to create channel subscription without proper access to the channel via API call to the create channel subscription endpoint...
CVE-2025-8217
The Amazon Q Developer Visual Studio Code VS Code extension v1.84.0 contains inert, injected code designed to call the Q Developer CLI. The code executes when the extension is launched within the VS Code environment; however the injected code contains a syntax error which prevents it from making ...
CVE-2025-8217
The Amazon Q Developer Visual Studio Code VS Code extension v1.84.0 contains inert, injected code designed to call the Q Developer CLI. The code executes when the extension is launched within the VS Code environment; however the injected code contains a syntax error which prevents it from making ...
CVE-2025-8217 Inert Malicious script injected into Amazon Q Developer Visual Studio Code (VS Code) Extension
The Amazon Q Developer Visual Studio Code VS Code extension v1.84.0 contains inert, injected code designed to call the Q Developer CLI. The code executes when the extension is launched within the VS Code environment; however the injected code contains a syntax error which prevents it from making ...
CVE-2025-8217 Inert Malicious script injected into Amazon Q Developer Visual Studio Code (VS Code) Extension
The Amazon Q Developer Visual Studio Code VS Code extension v1.84.0 contains inert, injected code designed to call the Q Developer CLI. The code executes when the extension is launched within the VS Code environment; however the injected code contains a syntax error which prevents it from making ...
CVE-2025-8217
CVE-2025-8217 documents describe a vulnerability in the Amazon Q Developer VS Code extension. The v1.84.0 extension contains inert, injected code intended to call the Q Developer CLI, which executes when the extension is launched in VS Code, but the injected code has a syntax error that prevents ...
Alert Enterprise Guardian 安全漏洞
Alert Enterprise Guardian is a physical identity and access management system open-sourced by Alert Enterprise in the United States. A security vulnerability exists in Alert Enterprise Guardian version 4.1.14.2.2.1, which originates from elevation to administrator privileges via the IsAdminApprov...
CVE-2025-31513
CVE-2025-31513 affects AlertEnterprise Guardian 4.1.14.2.2.1. The issue allows privilege escalation to administrator via the IsAdminApprover parameter in a Request Building Access submission (/requestSubmit API). Remediation is to upgrade to a non-vulnerable build version listed by the vendor (e....
PT-2025-30452 · Alertenterprise · Alertenterprise Guardian
Name of the Vulnerable Software and Affected Versions: AlertEnterprise Guardian version 4.1.14.2.2.1 Description: An issue allows bypassing manager approval via the isAddedByApprover parameter in a Request Building Access requestSubmit API call. Recommendations: Apply a fix to address the bypass ...