3230 matches found

NVD
added 2025/10/09 9:15 p.m. | 7 views

CVE-2025-35056

Newforma Info Exchange NIX '/UserWeb/Common/MarkupServices.ashx' 'StreamStampImage' accepts an encrypted file path and returns an image of the specified file. An authenticated attacker can read arbitrary files subject to the privileges of NIX, typically 'NT AUTHORITY\NetworkService', and the...

CVSS 5.3 | EPSS 0.00322
Exploits: 0 | References: 3

CVE
added 2025/10/09 7:18 a.m. | 43 views

CVE-2025-11539

Grafana Image Renderer (grafana-image-renderer) is affected by an ARBITRARY FILE WRITE leading to remote code execution via /render/csv, where a lack of validation of filePath allows saving a shared object to an arbitrary location loaded by Chromium. Affected versions are 1.0.0 through 4.0.16. Ex...

CVSS 9.9 | AI score 8 | EPSS 0.0058
Exploits: 0 | References: 2

Vulnrichment
added 2025/10/09 7:18 a.m. | 3 views

CVE-2025-11539 Arbitrary Code Execution in Grafana Image Renderer Plugin

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then load...

CVSS 9.9 | AI score 8 | EPSS 0.0058
Exploits: 0 | References: 2

Cvelist
added 2025/10/09 7:18 a.m. | 10 views

CVE-2025-11539 Arbitrary Code Execution in Grafana Image Renderer Plugin

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then load...

CVSS 9.9 | EPSS 0.0058
Exploits: 0 | References: 2

Cvelist
added 2025/10/09 3:32 a.m. | 9 views

CVE-2025-11530 code-projects Online Complaint Site state.php sql injection

A weakness has been identified in code-projects Online Complaint Site 1.0. Affected is an unknown function of the file /cms/admin/state.php. This manipulation of the argument state causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the...

CVSS 6.5 | EPSS 0.00343
Exploits: 1 | References: 5

CNNVD
added 2025/10/09 12:0 a.m. | 2 views

grafana-image-renderer security vulnerability

grafana-image-renderer is a Grafana open source backend plugin for Grafana. A security vulnerability exists in grafana-image-renderer versions 1.0.0 through 4.0.16, which stems from the /render/csv endpoint that does not validate the filePath parameter, which could lead to remote code execution...

CVSS 9.9 | AI score 7.5 | EPSS 0.0058
Exploits: 0 | References: 4

Positive Technologies
added 2025/10/09 12:0 a.m. | 3 views

PT-2025-41359

Name of the Vulnerable Software and Affected Versions Grafana Image Renderer versions 1.0.0 through 4.0.16 Description Grafana Image Renderer is susceptible to remote code execution due to an arbitrary file write issue. The /render/csv API endpoint lacks proper validation of the filePath paramete...

CVSS 9.9 | AI score 7.8 | EPSS 0.0058
Exploits: 0 | References: 14

CVE
added 2025/10/08 8:32 a.m. | 14 views

CVE-2025-11445

Kilo Code up to 4.86.0 is affected by an injection vulnerability in the ClineProvider function of src/core/webview/ClineProvider.ts within the Prompt Handler component. The issue allows remote manipulation and has publicly disclosed exploits; remediation is to apply the patch. The available docum...

CVSS 7.5 | AI score 6.7 | EPSS 0.00291
Exploits: 0 | References: 6

CNNVD
added 2025/10/08 12:0 a.m. | 3 views

CampCodes Advanced Online Voting Management System SQL injection vulnerability

CampCodes Advanced Online Voting Management System is an advanced online voting management system from CampCodes Philippines, Inc. A SQL injection vulnerability exists in CampCodes Advanced Online Voting Management System version 1.0, which stems from an incorrect manipulation of the parameter...

CVSS 9.8 | AI score 7.8 | EPSS 0.00468
Exploits: 1 | References: 5

CNNVD
added 2025/10/08 12:0 a.m. | 3 views

TOTOLINK N600R security vulnerability

The TOTOLINK N600R is a dual-band wireless router launched by Korean brand TOTOLINK in 2013, supporting concurrent operation in the 2.4GHz and 5GHz bands with a maximum wireless transfer rate of 300Mbps. The TOTOLINK N600R suffers from a buffer overflow vulnerability that originates from the...

CVSS 9 | AI score 9 | EPSS 0.00958
Exploits: 1 | References: 6

CVE
added 2025/10/07 11:32 p.m. | 10 views

CVE-2025-11417

CVE-2025-11417 affects Campcodes Advanced Online Voting Management System 1.0. The issue is in the unknown code of /admin/voters_add.php where manipulating the photo argument can lead to unrestricted file upload. Attack is remote and, per the documents, the exploit has been publicly released. Con...

CVSS 8.8 | AI score 6.7 | EPSS 0.00292
Exploits: 1 | References: 5 | Affected Software: 1

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2006-5163

Malware in sbrugna...

CVSS 6.2 | AI score 6.1 | EPSS 0.00635
Exploits: 1 | References: 16

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2021-1013

Malware in sbrugna...

CVSS 7.5 | AI score 7.5 | EPSS 0.01332
Exploits: 1 | References: 7

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2018-20517

Malware in sbrugna...

CVSS 7.5 | AI score 7.6 | EPSS 0.01953
Exploits: 1 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2008-1718

Malware in sbrugna...

CVSS 5 | AI score 6.4 | EPSS 0.01489
Exploits: 0 | References: 8

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2017-1474

Malware in sbrugna...

CVSS 9.8 | AI score 9.5 | EPSS 0.01212
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2001-1353

Malware in sbrugna...

CVSS 5 | AI score 6.1 | EPSS 0.06483
Exploits: 1 | References: 9

EUVD
added 2025/10/07 12:30 a.m. | 8 views

EUVD-2008-5280

Malware in sbrugna...

CVSS 6.9 | AI score 4.4 | EPSS 0.00332
Exploits: 2 | References: 26

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2018-11890

Malware in sbrugna...

CVSS 7.2 | AI score 7 | EPSS 0.01771
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2012-5061

Malware in sbrugna...

CVSS 10 | AI score 9.3 | EPSS 0.01497
Exploits: 0 | References: 8