189 matches found
EUVD-2024-51726
Malicious code in bioql PyPI...
EUVD-2022-24873
Malicious code in bioql PyPI...
EUVD-2022-4110
Malicious code in bioql PyPI...
EUVD-2024-49384
Malicious code in bioql PyPI...
EUVD-2025-27451
Malicious code in bioql PyPI...
EUVD-2024-49374
Malicious code in bioql PyPI...
EUVD-2023-59170
Malicious code in bioql PyPI...
EUVD-2024-33785
Malicious code in bioql PyPI...
Moderate: Red Hat Security Advisory: httpd:2.4 security update
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
OESA-2025-2171 httpd security update
Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP respons...
Moderate: httpd security update
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: insufficient escaping of user-supplied data in modssl CVE-2024-47252 httpd: modssl: access control bypass by trusted clients is possible using TLS 1.3 session resumption...
httpd: insufficient escaping of user-supplied data in mod_ssl
A vulnerability was found in the Apache HTTP Server. Insufficient escaping of user-supplied data in modssl allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%varnamex" or "%varnamec" to...
firefox: thunderbird: Potential user-assisted code execution in “Copy as cURL” command
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Insufficient escaping in the “Copy as cURL” feature could potentially be used to trick a user into executing unexpected code...
firefox: thunderbird: Potential user-assisted code execution in “Copy as cURL” command
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Insufficient escaping in the “Copy as cURL” feature could potentially be used to trick a user into executing unexpected code...
firefox: thunderbird: Potential user-assisted code execution in “Copy as cURL” command
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Insufficient escaping in the “Copy as cURL” feature could potentially be used to trick a user into executing unexpected code...
CVE-2024-47252 Apache HTTP Server: mod_ssl error log variable escaping
Insufficient escaping of user-supplied data in modssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%varnamex" or "%varnamec" to log variables...
CVE-2024-47252
CVE-2024-47252 concerns the Apache HTTP Server’s mod_ssl: in versions up to 2.4.63, insufficient escaping of user-supplied data can allow an untrusted TLS client to insert escape characters into log files in some configurations (notably when CustomLog uses "%{varname}x" or "%{varname}c" to log mo...
PT-2025-28330 · WordPress · Foobox
Name of the Vulnerable Software and Affected Versions: The Lightbox & Modal Popup WordPress Plugin – FooBox plugin for WordPress versions up to, and including, 2.7.34 Description: The issue is related to Stored Cross-Site Scripting via image alternative texts due to insufficient input sanitizatio...
PT-2025-26916 · WordPress · Timezonecalculator
Name of the Vulnerable Software and Affected Versions: TimeZoneCalculator plugin for WordPress versions up to, and including, 3.37 Description: The issue is related to Stored Cross-Site Scripting in the TimeZoneCalculator plugin for WordPress. This is due to insufficient input sanitization and...
PT-2025-26914 · WordPress · E.Nigma Buttons
Name of the Vulnerable Software and Affected Versions: e.nigma buttons plugin for WordPress versions up to, and including, 1.1.3 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'button' shortcode due to insufficient input sanitization and output escaping on...