596 matches found
EUVD-2025-27472
Malicious code in bioql PyPI...
EUVD-2022-50682
Malicious code in bioql PyPI...
EUVD-2025-16182
Malicious code in bioql PyPI...
EUVD-2022-1863
Malicious code in bioql PyPI...
EUVD-2022-5615
Malicious code in bioql PyPI...
EUVD-2022-2067
Malicious code in bioql PyPI...
EUVD-2022-2389
Malicious code in bioql PyPI...
EUVD-2022-30890
Malicious code in bioql PyPI...
EUVD-2025-1734
Malicious code in bioql PyPI...
CVE-2025-34173
In pfSense CE /usr/local/www/snort/snortipreputation.php, the value of the iplist parameter is not sanitized of directory traversal-related characters/strings before being used to check if a file exists. While the contents of the file cannot be read, the server reveals whether a file exists, whic...
CVE-2025-34176
In pfSense CE /suricata/suricataipreputation.php, the value of the iplist parameter is not sanitized of directory traversal-related strings/characters. This value is directly used in a file existence check operation. While the contents of the file cannot be read, the server reveals whether the fi...
CVE-2025-34176
Summary of impact: CVE-2025-34176 affects pfSense CE with the Suricata package, where the iplist parameter in /suricata/suricata_ip_reputation.php is not sanitized against directory-traversal strings. This leads to a file existence check that reveals whether a file exists, enabling authenticated...
CVE-2025-34176 Netgate pfSense CE Suricata Package v7.0.8_2 Directory Traversal Information Disclosure
In pfSense CE /suricata/suricataipreputation.php, the value of the iplist parameter is not sanitized of directory traversal-related strings/characters. This value is directly used in a file existence check operation. While the contents of the file cannot be read, the server reveals whether the fi...
PT-2025-36943
Name of the Vulnerable Software and Affected Versions: pfSense CE, affected versions not specified. Description: The iplist parameter in /suricata/suricata_ip_reputation.php is not properly sanitized to prevent directory traversal attempts. This allows an authenticated attacker with “WebCfg -...
PT-2025-36952
Name of the Vulnerable Software and Affected Versions: TinyEnv versions 1.0.1 through 1.0.2; TinyEnv versions 1.0.9 through 1.0.10. Description: TinyEnv did not require the .env file to exist when loading environment variables. This could lead to unexpected behavior where the application silently...
CVE-2025-58458
The CVE-2025-58458 entry concerns the Jenkins Git client Plugin (versions 6.3.2 and earlier, excluding 6.1.4 and 6.2.1). The root cause is inconsistent validation of the Git URL field when using the amazon-s3 protocol with JGit, where the response depends on whether the specified file path exists...
Jenkins plugins Multiple Vulnerabilities (2025-09-03)
According to their self-reported version numbers, the versions of Jenkins plugins running on the remote web server are affected by multiple vulnerabilities: - In Jakarta Mail 2.0.2 it is possible to perform an SMTP injection by utilizing the \r and \n UTF-8 characters to separate different messages...
Linux Distros Unpatched Vulnerability : CVE-2025-46717
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with no or very limited sudo privileges can determine...