CVE-2026-53855

OpenClaw prior to 2026.4.2 is vulnerable to an inline-eval bypass through shell positional parameters, allowing authenticated operators to weaken strict allowlist checks. Attackers can combine allowlisted tools with shell positional arguments to inject inline-eval content into shell carriers that...

CVE-2023-40447

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing web content may lead to arbitrary code execution...

CVE-2025-1983

A cross-site scripting XSS vulnerability in Ready's File Explorer upload functionality allows injection of arbitrary JavaScript code in filename. Injected content is stored on server and is executed every time a user interacts with the uploaded file...

PT-2025-52257

Name of the Vulnerable Software and Affected Versions Tina versions prior to 3.1.1 Description Tina is a headless content management system. Versions of Tina prior to 3.1.1 improperly utilize the gray-matter package, potentially allowing attackers who control the content of markdown files—such as...

EUVD-2020-25410

Malware in sbrugna...

EUVD-2019-3408

Malware in sbrugna...

EUVD-1999-0534

Malware in sbrugna...

EUVD-2007-6493

Malware in sbrugna...

EUVD-2023-1877

Malicious code in bioql PyPI...

EUVD-2024-2381

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-30954

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2...

Linux Distros Unpatched Vulnerability : CVE-2019-6226

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, watchOS 5.1.3, Safari 12.0.3,...

CVE-2025-42948 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABAP Platform

Due to a Cross-Site Scripting XSS vulnerability in SAP NetWeaver ABAP Platform, an unauthenticated attacker could generate a malicious link and make it publicly accessible. If an authenticated user clicks on this link, the injected input is processed during the website�s page generation, resultin...

PT-2025-32608 · Sap · Sap Netweaver/Abap Platform

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver ABAP Platform affected versions not specified Description: A Cross-Site Scripting XSS issue exists in SAP NetWeaver ABAP Platform. An unauthenticated attacker can create a malicious link and distribute it publicly. If an...

CVE-2024-38369

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The content of a document included using include reference="targetdocument"/ is executed with the right of the includer and not with the right of its author. This means that any user able to...

CVE-2023-46242

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible to execute a content with the right of any user via a crafted URL. A user must have programming privileges in order to exploit this vulnerability. This issue...

CVE-2023-26472

XWiki Platform is a generic wiki platform. Starting in version 6.2-milestone-1, one can execute any wiki content with the right of IconThemeSheet author by creating an icon theme with certain content. This can be done by creating a new page or even through the user profile for users not having ed...

CVE-2025-2261

Stored XSS in TIBCO ActiveMatrix Administrator allows malicious data to appear to be part of the website and run within user's browser under the privileges of the web application...

CVE-1999-0537

A configuration in a web browser such as Internet Explorer or Netscape Navigator allows execution of active content such as ActiveX, Java, Javascript, etc...

FreeBSD : Mozilla -- javescript content execution (9c37a02e-2e85-11f0-a989-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9c37a02e-2e85-11f0-a989-b42e991fc52e advisory. [email protected] reports: A process isolation vulnerability in Thunderbird stemmed from improper...