16 matches found
EUVD-2025-27406
Malicious code in bioql PyPI...
EUVD-2025-27389
Malicious code in bioql PyPI...
EUVD-2025-27408
Malicious code in bioql PyPI...
CVE-2025-57538
A stored cross-site scripting XSS vulnerability in the HTTP Proxy field within the Datacenter configuration panel of Proxmox Virtual Environment PVE 8.4 allows an authenticated user to inject malicious input. The input is stored and executed in the context of other users' browsers when they view...
CVE-2025-57540
A stored cross-site scripting XSS vulnerability exists in the WebAuthn Relying Party field within the Datacenter configuration of Proxmox Virtual Environment PVE 8.4. Authenticated users can inject JavaScript code that is later executed in the browsers of users who view the configuration page,...
CVE-2025-57539
A stored cross-site scripting XSS vulnerability in the U2F Origin field of the Datacenter configuration in Proxmox Virtual Environment PVE 8.4 allows authenticated users to store malicious input. The payload is rendered unsafely in the Web UI and executed when viewed by other users, potentially...
CVE-2025-57540
A stored cross-site scripting XSS vulnerability exists in the WebAuthn Relying Party field within the Datacenter configuration of Proxmox Virtual Environment PVE 8.4. Authenticated users can inject JavaScript code that is later executed in the browsers of users who view the configuration page,...
CVE-2025-57540
A stored cross-site scripting XSS vulnerability exists in the WebAuthn Relying Party field within the Datacenter configuration of Proxmox Virtual Environment PVE 8.4. Authenticated users can inject JavaScript code that is later executed in the browsers of users who view the configuration page,...
CVE-2025-57538
A stored cross-site scripting XSS vulnerability in the HTTP Proxy field within the Datacenter configuration panel of Proxmox Virtual Environment PVE 8.4 allows an authenticated user to inject malicious input. The input is stored and executed in the context of other users' browsers when they view...
CVE-2025-57539
Vulnerability summary (CVE-2025-57539) : Proxmox Virtual Environment 8.4 is affected by a stored XSS in the U2F Origin field of the Datacenter configuration. Authenticated users can store input that is rendered unsafely in the Web UI and executed when viewed by others, potentially enabling sessio...
CVE-2025-57540
CVE-2025-57540 describes a stored cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment (PVE) 8.4, specifically in the WebAuthn Relying Party field of the Datacenter configuration. The issue allows authenticated users to inject JavaScript that runs in the browsers of others who ...
CVE-2025-57538
A stored cross-site scripting XSS vulnerability in the HTTP Proxy field within the Datacenter configuration panel of Proxmox Virtual Environment PVE 8.4 allows an authenticated user to inject malicious input. The input is stored and executed in the context of other users' browsers when they view...
CVE-2025-57538
A stored cross-site scripting XSS vulnerability in the HTTP Proxy field within the Datacenter configuration panel of Proxmox Virtual Environment PVE 8.4 allows an authenticated user to inject malicious input. The input is stored and executed in the context of other users' browsers when they view...
CVE-2025-57539
A stored cross-site scripting XSS vulnerability in the U2F Origin field of the Datacenter configuration in Proxmox Virtual Environment PVE 8.4 allows authenticated users to store malicious input. The payload is rendered unsafely in the Web UI and executed when viewed by other users, potentially...
CVE-2025-57539
A stored cross-site scripting XSS vulnerability in the U2F Origin field of the Datacenter configuration in Proxmox Virtual Environment PVE 8.4 allows authenticated users to store malicious input. The payload is rendered unsafely in the Web UI and executed when viewed by other users, potentially...
CVE-2025-57540
A stored cross-site scripting XSS vulnerability exists in the WebAuthn Relying Party field within the Datacenter configuration of Proxmox Virtual Environment PVE 8.4. Authenticated users can inject JavaScript code that is later executed in the browsers of users who view the configuration page,...