EUVD-2024-27585

Malicious code in bioql PyPI...

EUVD-2024-32380

Malicious code in bioql PyPI...

EUVD-2024-27311

Malicious code in bioql PyPI...

CVE-2025-9818 Vulnerability caused by unquoted file paths of Windows services registered by the Uninterruptible Power Supply (UPS) management application

A vulnerability CWE-428 has been identified in the Uninterruptible Power Supply UPS management application provided by OMRON SOCIAL SOLUTIONS Co., Ltd., where the executable file paths of Windows services are not enclosed in quotation marks. If the installation folder path of this product contain...

CVE-2025-9818 Vulnerability caused by unquoted file paths of Windows services registered by the Uninterruptible Power Supply (UPS) management application

A vulnerability CWE-428 has been identified in the Uninterruptible Power Supply UPS management application provided by OMRON SOCIAL SOLUTIONS Co., Ltd., where the executable file paths of Windows services are not enclosed in quotation marks. If the installation folder path of this product contain...

OMRON Uninterruptible Power Supply management application 安全漏洞

OMRON Uninterruptible Power Supply management application is a software for monitoring and configuring uninterruptible power supply devices from OMRON Japan. A security vulnerability exists in the OMRON Uninterruptible Power Supply management application that originates from a Windows service...

CVE-2025-47416

CVE-2025-47416 affects Crestron touch panels TSW-760 and TSW-1060. The vulnerability resides in the ConsoleFindCommandMatchList function in libsymproc.so imported by ctpd, which may lead to unauthorized execution of an attacker-defined file prioritized by ConsoleFindCommandMatchList. The issue is...

PT-2025-36735

Name of the Vulnerable Software and Affected Versions: TSW-760 versions prior to 3.001.0031.001 TSW-1060 versions prior to 3.001.0031.001 Description: A vulnerability exists in the ConsoleFindCommandMatchList function within libsymproc.so imported by ctpd that may allow an attacker to execute an...

CVE-2025-58323

NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by executing arbitrary files due to improper privilege checks...

CVE-2025-58323

NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by executing arbitrary files due to improper privilege checks...

CVE-2025-58323

NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by executing arbitrary files due to improper privilege checks...

CVE-2025-58323

NAVER MYBOX Explorer for Windows is affected by a local privilege escalation (pre-3.0.8.133). The issue arises from improper privilege checks, allowing a local attacker to execute arbitrary files and escalate to NT AUTHORITY\SYSTEM. Multiple sources corroborate the vulnerable version range and im...

PT-2025-35173

Name of the Vulnerable Software and Affected Versions: NAVER MYBOX Explorer for Windows versions prior to 3.0.8.133 Description: NAVER MYBOX Explorer for Windows is susceptible to a local privilege escalation issue. A local attacker can elevate privileges to NT AUTHORITYSYSTEM by executing...

CVE-2025-36174

IBM Integrated Analytics System 1.0.0.0 through 1.0.30.0 could allow an authenticated user to upload a file with dangerous types that could be executed by another user if opened...

CVE-2010-20120

Maple versions up to and including 13's Maplet framework allows embedded commands to be executed automatically when a .maplet file is opened. This behavior bypasses standard security restrictions that normally prevent code execution in regular Maple worksheets. The vulnerability enables attackers...

CVE-2010-20120 Maple <= v13 Maplet File Creation and Command Execution

Maple versions up to and including 13's Maplet framework allows embedded commands to be executed automatically when a .maplet file is opened. This behavior bypasses standard security restrictions that normally prevent code execution in regular Maple worksheets. The vulnerability enables attackers...

GHSA-V22V-XWH7-2VRM UnoPim vulnerable to remote code execution through Arbitrary File upload

Summary: Affected Functionality: Image upload at User creation Endpoint: /admin/settings/users/create Details The image upload at the user creation feature performs only client side file type validation. A user can capture the request by uploading an image, capture the request through a Proxy lik...

WordPress plugin StoreKeeper for WooCommerce 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

Linux Distros Unpatched Vulnerability : CVE-2020-15692

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Nim 1.2.4, the standard library browsers mishandles the URL argument to browsers.openDefaultBrowser. This argument can be a local file path that will be open...

CVE-2025-7650

The CVE-2025-7650 entry concerns the BizCalendar Web WordPress plugin (versions up to 1.1.0.50) and describes an Authenticated (Contributor+) Local File Inclusion via the bizcalv shortcode. The underlying risk is that an authenticated attacker with Contributor-level access can include and execute...