86 matches found

GithubExploit
added 2026/04/09 3:4 p.m. · 76 views

cybersentinel-agent

CyberSentinel Agent Defensive cybersecurity agent framework w...

6.1 AI score
Exploits 0
OSV
added 2026/03/20 10:19 a.m. · 5 views

RHSA-2026:5076 Red Hat Security Advisory: rhc security update

Bulletin has no description...

7.5 CVSS · 6.6 AI score · 0.00789 EPSS
Exploits 2 · References 19
EUVD
added 2026/03/12 9:31 a.m. · 2 views

EUVD-2026-11542

A vulnerability has been found in jarikomppa soloud up to 20200207. Impacted is the function drwavreadpcmframess16msadpcm in the library src/audiosource/wav/drwav.h of the component WAV File Parser. The manipulation leads to out-of-bounds read. The attack needs to be performed locally. The exploi...

4.8 CVSS · 5 AI score · 0.00113 EPSS
Exploits 0 · References 7
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2008-1007

Malware in sbrugna...

6.1 CVSS · 6.3 AI score · 0.00605 EPSS
Exploits 1 · References 3
EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2025-2086

Malicious code in bioql PyPI...

8.8 CVSS · 6.6 AI score · 0.00481 EPSS
Exploits 1 · References 4
RedhatCVE
added 2025/05/23 2:15 a.m. · 3 views

CVE-2023-3465

A vulnerability was found in SimplePHPscripts Classified Ads Script 1.8. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file user.php of the component HTTP POST Request Handler. The manipulation of the argument title leads to cross site...

6.1 CVSS · 6.4 AI score · 0.00426 EPSS
Exploits 0 · References 1
RedhatCVE
added 2025/05/22 10:55 a.m. · 8 views

CVE-2017-15652

Artifex Ghostscript 9.22 is affected by: Obtain Information. The impact is: obtain sensitive information. The component is: affected source code file, affected function, affected executable, affected libga imagemagick used that. The attack vector is: Someone must open a postscript file though...

5.5 CVSS · 6.9 AI score · 0.01297 EPSS
Exploits 1 · References 1
RedhatCVE
added 2025/05/22 7:36 a.m. · 4 views

CVE-2019-13076

Quest KACE Systems Management Appliance Server Center 9.1.317 is vulnerable to SQL injection. An authenticated user has the ability to execute arbitrary commands against the database. The affected component is /userui/ticketlist.php, and affected parameters are order0column and order0dir...

8.8 CVSS · 8.4 AI score · 0.01235 EPSS
Exploits 0 · References 1
NVD
added 2025/02/12 9:15 p.m. · 8 views

CVE-2025-1227

A vulnerability was found in ywoa up to 2024.07.03. It has been rated as critical. This issue affects the function selectList of the file com/cloudweb/oa/mapper/xml/AddressDao.xml. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the...

8.8 CVSS · 0.00473 EPSS
Exploits 1 · References 3
Vulnrichment
added 2024/10/17 2:0 p.m. · 12 views

CVE-2005-10003 mikexstudios Xcomic os command injection

A vulnerability classified as critical has been found in mikexstudios Xcomic up to 0.8.2. This affects an unknown part. The manipulation of the argument cmd leads to os command injection. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitabilit...

6.3 CVSS · 7.5 AI score · 0.01693 EPSS
Exploits 0 · References 6
Cvelist
added 2024/08/11 2:0 a.m. · 15 views

CVE-2024-7658 projectsend process.php get_preview resource injection

A vulnerability, which was classified as problematic, has been found in projectsend up to r1605. This issue affects the function getpreview of the file process.php. The manipulation leads to improper control of resource identifiers. The attack may be initiated remotely. Upgrading to version r1720...

6.9 CVSS · 0.00791 EPSS
Exploits 0 · References 5
CVE
added 2024/08/11 2:0 a.m. · 48 views

CVE-2024-7658

ProjectSend (up to r1605) has a vulnerability in the get_preview function of process.php that allows improper control of resource identifiers, potentially exploitable remotely. Multiple sources (NVD, Red Hat, osv.dev, CVE listings, PT Security) consistently describe this as a resource-ID manipula...

6.9 CVSS · 5.4 AI score · 0.00791 EPSS
Exploits 0 · References 6 · Affected Software 1
0day.today
added 2024/08/07 12:0 a.m. · 145 views

Tourism Management System 2.0 Cross Site Scripting Vulnerability

Exploit Title: Tourism Management System v2.0 - Cross Site Scripting XSS Exploit Author: Sampath kumar kadajari Vendor Homepage: https://phpgurukul.com/tourism-management-system-free-download/ Software Link: https://phpgurukul.com/?sdmprocessdownload=1&downloadid=7204 Version: v2.0 CVE:...

6.1 CVSS · 7.4 AI score · 0.00508 EPSS
Exploits 3
CVE
added 2024/05/24 6:0 a.m. · 70 views

CVE-2023-1001

The CVE-2023-1001 entry concerns xuliangzhan vxe-table (up to 3.7.9) where the textarea.js export function inputValue is vulnerable to cross-site scripting. The vulnerability is exploitable remotely and is caused by improper handling of inputValue in the vxe-textarea component. Upgrade to version...

5.3 CVSS · 3.6 AI score · 0.00345 EPSS
Exploits 0 · References 5
Tenable Nessus
added 2024/05/16 12:0 a.m. · 9 views

F5 Networks BIG-IP : BIG-IP HTTP non-RFC-compliant security exposure (K11342432)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.5.1 / 15.1.7 / 16.1.4 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K11342432 advisory. This issue occurs when a non-RFC-compliant HTTP request is received by a virtual server on a syste...

5.7 AI score
Exploits 0 · References 1
Positive Technologies
added 2024/03/13 12:0 a.m. · 4 views

PT-2024-22509 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7 Description: A Cross-Site Request Forgery CSRF issue was found in DedeCMS via the component /dede/mychannel add.php. Recommendations: For DedeCMS version 5.7, as a temporary workaround, consider restricting access to the...

6.1 CVSS · 6.8 AI score · 0.00383 EPSS
Exploits 1 · References 4
Github Security Blog
added 2024/03/06 5:5 p.m. · 26 views

RPyC's missing security check results in code execution when using numpy.array on the server-side.

An issue in Open Source: RPyC v.4.00 thru v.5.3.1 allows a remote attacker to execute arbitrary code via a crafted script to the array attribute component. This vulnerability was introduced in 9f45f826. Attack Vector RPyC services that rely on the array attribute used by numpy are impacted. When...

8.4 CVSS · 8.3 AI score · 0.00507 EPSS
Exploits 0 · References 8 · Affected Software 1
Prion
added 2024/01/16 2:15 p.m. · 21 views

Improper access control

A vulnerability classified as critical was found in Totolink N350RT 9.3.5u.6265. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. It is recommended t...

7.5 CVSS · 7.4 AI score · 0.00795 EPSS
Exploits 0 · References 3 · Affected Software 1
OSV
added 2023/12/19 3:30 p.m. · 13 views

GHSA-JX6Q-FQ9H-6G7Q Pedroetb TTS-API OS Command Injection

A vulnerability has been found in pedroetb tts-api up to 2.1.4 and classified as critical. This vulnerability affects the function onSpeechDone of the file app.js. The manipulation leads to os command injection. Upgrading to version 2.2.0 is able to address this issue. The patch is identified as...

9.8 CVSS · 9.9 AI score · 0.02042 EPSS
Exploits 0 · References 6
Positive Technologies
added 2023/07/28 12:0 a.m. · 2 views

PT-2023-8212 · D Link · D-Link G416

Name of the Vulnerable Software and Affected Versions: D-Link G416 affected versions not specified Description: The issue is related to a stack-based buffer overflow in the cfgsave function of the HTTP service in D-Link G416 wireless routers. This can be exploited by a remote attacker to execute...

8.8 CVSS · 8 AI score · 0.00637 EPSS
Exploits 0 · References 10