EUVD-2026-36326

An authenticated format string vulnerability exists in the ONVIF service of Tapo C110 v2 due to improper handling of user-controlled input. Externally controlled data is interpreted as a format string, which can be used to manipulate stack memory, including control flow data such as return...

EUVD-2025-31132

Malicious code in bioql PyPI...

CVE-2025-36088

IBM TS4500 1.11.0.0-D00, 1.11.0.1-C00, 1.11.0.2-C00, and 1.10.00-F00 web GUI is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosu...

Wdja Cross-Site Scripting Vulnerability

Wdja is a Php-based content management system from the Wdja team. A cross-site scripting vulnerability exists in WDJA CMS version 1.5, where the vulnerability tongji parameter does not do XSS filtering on user input, which can be exploited by an attacker to steal user credentials...

CVE-2020-4297

IBM DOORS Next Generation DNG/RRC 6.0.2, 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...