27 matches found
EUVD-2024-30560
Malicious code in bioql PyPI...
EUVD-2024-30507
Malicious code in bioql PyPI...
EUVD-2024-30314
Malicious code in bioql PyPI...
CVE-2025-55580
SolidInvoice version 2.3.7 is vulnerable to a stored cross-site scripting (XSS) issue in the Clients module. An authenticated attacker can inject JavaScript that executes in other users' browsers when the Clients page is viewed. The vulnerability is fixed in version 2.3.8...
CVE-2025-55580
SolidInvoice version 2.3.7 is vulnerable to a stored cross-site scripting (XSS) issue in the Clients module. An authenticated attacker can inject JavaScript that executes in other users' browsers when the Clients page is viewed. The vulnerability is fixed in version 2.3.8...
CVE-2025-55580
SolidInvoice version 2.3.7 is vulnerable to a stored cross-site scripting (XSS) issue in the Clients module. An authenticated attacker can inject JavaScript that executes in other users' browsers when the Clients page is viewed. The vulnerability is fixed in version 2.3.8...
PT-2025-35249
Name of the Vulnerable Software and Affected Versions: SolidInvoice versions 2.3.7 through 2.3.8 Description: SolidInvoice is susceptible to a Cross-Site Scripting (XSS) issue within its client-side functionality. Recommendations: SolidInvoice version 2.3.7 should be updated. SolidInvoice version...
CVE-2024-32512
Client-Side Enforcement of Server-Side Security vulnerability in weForms allows Removing Important Client Functionality. This issue affects weForms: from n/a through 1.6.20...
CVE-2024-32774
Improper Restriction of Excessive Authentication Attempts vulnerability in Metagauss ProfileGrid allows Removing Important Client Functionality. This issue affects ProfileGrid: from n/a through 5.8.2...
PT-2025-9200 · Ntpd-Rs · Ntpd-Rs
Name of the Vulnerable Software and Affected Versions: ntpd-rs versions prior to 1.5.0 Description: Two denial of service issues were found in the handling of NTS cookies in the client functionality. These issues can cause ntpd-rs to crash when an NTS source is configured and the server sends...
Elber Communications Equipment security vulnerability
Elber Communications Equipment is a communications equipment from Elber Corporation. A security vulnerability exists in Elber Communications Equipment that stems from the presence of unauthenticated device configurations and the disclosure of hidden client functionality...
CVE-2024-32774
Improper Restriction of Excessive Authentication Attempts vulnerability in Metagauss ProfileGrid allows Removing Important Client Functionality. This issue affects ProfileGrid: from n/a through 5.8.2...
CVE-2024-32774 WordPress ProfileGrid plugin <= 5.8.2 - Group Members Limit Bypass vulnerability
Improper Restriction of Excessive Authentication Attempts vulnerability in Metagauss ProfileGrid allows Removing Important Client Functionality. This issue affects ProfileGrid: from n/a through 5.8.2...
CVE-2024-32521
CVE-2024-32521 affects the WordPress plugin Zero Spam by Highfivery (versions
CVE-2024-32512
The CVE-2024-32512 entry concerns the WordPress weForms plugin (versions up to and including 1.6.20) with a Form Submission Restriction Bypass issue caused by Client-Side Enforcement of Server-Side Security. Affected component: weForms form submission logic; root cause: client-side enforcement al...
CVE-2024-23462 ZCC Mac validinstaller file integrity check missing
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on MacOS allows a denial of service of the Client Connector binary and thus removing client functionality. This issue affects Client Connector on MacOS: before 3.4...
CVE-2023-32955
Improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in DHCP Client Functionality in Synology Router Manager SRM before 1.2.5-8227-6 and 1.3.1-9346-3 allows man-in-the-middle attackers to execute arbitrary commands via unspecified vectors...
Command injection
Improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in DHCP Client Functionality in Synology Router Manager SRM before 1.2.5-8227-6 and 1.3.1-9346-3 allows man-in-the-middle attackers to execute arbitrary commands via unspecified vectors...
CVE-2023-32955
Improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in DHCP Client Functionality in Synology Router Manager SRM before 1.2.5-8227-6 and 1.3.1-9346-3 allows man-in-the-middle attackers to execute arbitrary commands via unspecified vectors...
CVE-2023-32955
Improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in DHCP Client Functionality in Synology Router Manager SRM before 1.2.5-8227-6 and 1.3.1-9346-3 allows man-in-the-middle attackers to execute arbitrary commands via unspecified vectors...