876 matches found
ROS-20251029-06
Vulnerability of drm/amdgpu components of Linux kernel is related to dereferencing of pointer NULL. Exploitation of the vulnerability could allow an attacker to cause a denial of service A vulnerability in the Redis database management system DBMS is related to integer overflow. Exploitation of t...
VulnCheck KEV: CVE-2025-6204
An Improper Control of Generation of Code Code Injection vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to execute arbitrary code...
CVE-2025-62959
Improper Control of Generation of Code 'Code Injection' vulnerability in videowhisper Paid Videochat Turnkey Site ppv-live-webcams allows Remote Code Inclusion.This issue affects Paid Videochat Turnkey Site: from n/a through = 7.3.23...
PT-2025-43966
Name of the Vulnerable Software and Affected Versions privacyIDEA Authenticator version 4.3.0 Description A flaw exists in the handling of OTP/TOTP/HOTP values within the privacyIDEA Authenticator application on Android. A local attacker with root access can bypass two-factor authentication by...
CVE-2025-49926
Improper Control of Generation of Code 'Code Injection' vulnerability in Laborator Kalium kalium allows Code Injection.This issue affects Kalium: from n/a through = 3.25...
WordPress Alone Theme plugin code injection vulnerability
The WordPress Alone Theme plugin is a premium theme for creating photography-based websites that sells close to 10,000 copies in the Envato marketplace and is mainly used by non-profit organizations e.g. charities, fundraising organizations, etc.. WordPress Alone Theme plugin suffers from a code...
EUVD-2025-35419
Improper Control of Generation of Code 'Code Injection' vulnerability in Bearsthemes Alone alone allows Code Injection.This issue affects Alone: from n/a through = 7.8.3...
CVE-2025-62023
Improper Control of Generation of Code 'Code Injection' vulnerability in Cristián Lávaque s2Member s2member.This issue affects s2Member: from n/a through = 250905...
CVE-2025-62023 WordPress s2Member plugin <= 250905 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Cristián Lávaque s2Member s2member.This issue affects s2Member: from n/a through = 250905...
WordPress plugin Alone Theme 安全漏洞
The WordPress Alone Theme plugin is a premium theme for creating photography-based websites that sells close to 10,000 copies in the Envato marketplace and is mainly used by non-profit organizations e.g. charities, fundraising organizations, etc.. WordPress Alone Theme plugin suffers from a code...
PT-2025-43243
Name of the Vulnerable Software and Affected Versions WP Last Modified Info versions through 1.9.2 Description A flaw exists in WP Last Modified Info that allows for Remote Code Inclusion due to improper control of code generation. This issue allows an attacker to inject code remotely...
RESCUE: Retrieval Augmented Secure Code Generation
Despite recent advances, Large Language Models LLMs still generate vulnerable code. Retrieval-Augmented Generation RAG has the potential to enhance LLMs for secure code generation by incorporating external security knowledge. However, the conventional RAG design struggles with the noise of raw...
EUVD-2025-34678
happy-dom's --disallow-code-generation-from-strings is not sufficient for isolating untrusted JavaScript...
CVE-2025-62410 --disallow-code-generation-from-strings is not sufficient for isolating untrusted JavaScript in happy-dom
In versions before 20.0.2, it was found that --disallow-code-generation-from-strings is not sufficient for isolating untrusted JavaScript in happy-dom. The untrusted script and the rest of the application still run in the same Isolate/process, so attackers can deploy prototype pollution payloads ...
EUVD-2016-6562
Malware in sbrugna...
EUVD-2010-2211
Malware in sbrugna...
EUVD-2018-0674
Malware in sbrugna...
EUVD-2021-25394
Malware in sbrugna...
EUVD-2016-6546
Malware in sbrugna...
EUVD-2025-24745
Malicious code in bioql PyPI...