908 matches found
EUVD-2024-53076
Malicious code in bioql PyPI...
EUVD-2023-31276
Malicious code in bioql PyPI...
EUVD-2022-52899
Malicious code in bioql PyPI...
EUVD-2021-8079
Malicious code in bioql PyPI...
EUVD-2022-48779
Malicious code in bioql PyPI...
EUVD-2021-8075
Malicious code in bioql PyPI...
CVE-2025-58001
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Syed Balkhi Compact Archives compact-archives allows Stored XSS.This issue affects Compact Archives: from n/a through = 4.1.0...
FlowCrypt: Flow-Based Lightweight Encryption with Near-Lossless Recovery for Cloud Photo Privacy
The widespread adoption of smartphone photography has led users to increasingly rely on cloud storage for personal photo archiving and sharing, raising critical privacy concerns. Existing deep learning-based image encryption schemes, typically built upon CNNs or GANs, often depend on traditional...
CVE-2025-58001
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Syed Balkhi Compact Archives compact-archives allows Stored XSS.This issue affects Compact Archives: from n/a through = 4.1.0...
WordPress Compact Archives plugin <= 4.1.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by theviper17 in WordPress Plugin Compact Archives versions = 4.1.0...
CVE-2025-58001 WordPress Compact Archives plugin <= 4.1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Syed Balkhi Compact Archives compact-archives allows Stored XSS.This issue affects Compact Archives: from n/a through = 4.1.0...
CVE-2025-58001
CVE-2025-58001 is a Stored Cross-Site Scripting (XSS) vulnerability in the Compact Archives WordPress plugin (affected:
CVE-2025-58001 WordPress Compact Archives plugin <= 4.1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Syed Balkhi Compact Archives compact-archives allows Stored XSS.This issue affects Compact Archives: from n/a through = 4.1.0...
Incorrect Authorization
Overview authlib is a library in building OAuth and OpenID Connect servers. Affected versions of this package are vulnerable to Incorrect Authorization via the deserializecompact function. An attacker can bypass intended authorization policies by crafting a signed token with unknown critical head...
SUSE-SU-2025:20721-1 Security update for git
This update for git fixes the following issues: - Update to 2.51.0 - UI, Workflows & Features - Userdiff patterns for the R language have been added. - Documentation for "git send-email" has been updated with a bit more credential helper and OAuth information. - "git cat-file --batch" learns to...
Security update for git
This update for git fixes the following issues: Update to 2.51.0 UI, Workflows & Features Userdiff patterns for the R language have been added. Documentation for "git send-email" has been updated with a bit more credential helper and OAuth information. "git cat-file --batch" learns to understand...
WordPress plugin Compact Archives 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-38752
Name of the Vulnerable Software and Affected Versions Authlib versions prior to 1.6.4 Description Authlib’s JWS verification improperly handles tokens declaring unknown critical header parameters crit, violating RFC 7515 specifications. An attacker can create a signed token with a critical header...
PT-2025-38851
Name of the Vulnerable Software and Affected Versions Noumaan Yaqoob Compact Archives versions through 4.1.0 Description A flaw exists in Noumaan Yaqoob Compact Archives that allows for Stored Cross-site Scripting XSS. This issue is due to improper neutralization of input during web page...
Malicious code in @openzeppelin-compact/utils (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9559f883ef8ce66f28f6c6f0e338ec3c10d5ba28c0e2dd2c7133f5268f7e539f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...