EUVD-2022-2996

Malicious code in bioql PyPI...

MAL-2025-47841 Malicious code in @rsi-arquitectura/rsi-configuration-module (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e699d13037e04e3d44aeddb6ee89658cb070e04375aaa9fbb42b3fa3709f5405 Any computer that has this package installed or running should be considered...

Malicious code in rsi-configuration-module (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9a9a3e53f5018108f5ce8abbccd7313ccac30e61c7985e5d7d90291c30299957 The OpenSSF Package Analysis project identified 'rsi-configuration-module' @ 1.1.2 npm as malicious. It is considered malicious because: - The...

MAL-2025-47817 Malicious code in rsi-configuration-module (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 9a9a3e53f5018108f5ce8abbccd7313ccac30e61c7985e5d7d90291c30299957 The OpenSSF Package Analysis project identified 'rsi-configuration-module' @ 1.1.2 npm as malicious. It is considered malicious because: - The...

Opencast 安全漏洞

Opencast is a live video support software for large-scale automated video capture, management and distribution from the Opencast organization. A security vulnerability exists in Opencast version 18.0 and versions prior to 17.7, which stems from insufficient path traversal protection in the UI...

CVE-2020-23657

NavigateCMS 2.9 is affected by Cross Site Scripting XSS on module "Configuration."...

CVE-2020-23655

NavigateCMS 2.9 is affected by Cross Site Scripting XSS on module "Configuration."...

CVE-2025-2908

The exposure of credentials in the call forwarding configuration module in MeetMe products in versions prior to 2024-09 allows an attacker to gain access to some important assets via configuration files...

CVE-2025-2908

The exposure of credentials in the call forwarding configuration module in MeetMe products in versions prior to 2024-09 allows an attacker to gain access to some important assets via configuration files...

The vulnerability of the file loading function of the configuration module for D-Link DWR 2000M VPN microprogramming router allows a hacker to perform cross-site scripting attacks.

The vulnerability of the file loading function for the configuration module of D-Link DWR 2000M routers exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows attackers to perform cross-site scripting attacks by loading a specially created...

D-Link DWR-2000M Cross-Site Scripting Vulnerability

The D-Link DWR-2000M is a wireless router from China's AUO D-Link. A cross-site scripting vulnerability exists in the D-Link DWR-2000M. The vulnerability stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to obtain...

D-Link DWR-2000M 安全漏洞

The D-Link DWR-2000M is a wireless router from China's AUO D-Link. A cross-site scripting vulnerability exists in the D-Link DWR-2000M. The vulnerability stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to obtain...

SUSE CVE-2024-36129

The OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data. An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption. OTel Collector version 0.102.1 fixes this issue...

kernel: wifi: nl80211: fix NULL-ptr deref in offchan check

A flaw was found in the cfg80211 module in the Linux kernel. In Access Point AP mode, if a wireless link is created by userspace but not yet activated, it may contain an invalid channel definition with no channel. This issue may cause a NULL pointer dereference that results in a denial of service...

Fedora: Security Advisory for kde-gtk-config (FEDORA-2023-e31c3e4b6c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 37 Update: kde-gtk-config-5.27.1-1.fc37

This is a System Settings configuration module for configuring the appearance of GTK apps in KDE...

CVE-2022-44952

Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting XSS vulnerability in /index.php?module=configuration/application. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Copyright Text field after clicking "Ad...

CVE-2022-43185

A stored cross-site scripting XSS vulnerability in the Configuration/Holidays module of Rukovoditel v3.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter...

Cross site scripting

A stored cross-site scripting XSS vulnerability in the Configuration/Holidays module of Rukovoditel v3.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter...

CVE-2022-43185

A stored cross-site scripting XSS vulnerability in the Configuration/Holidays module of Rukovoditel v3.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter...