970 matches found
EUVD-2023-58105
Malicious code in bioql PyPI...
EUVD-2022-34536
Malicious code in bioql PyPI...
EUVD-2022-27677
Malicious code in bioql PyPI...
EUVD-2025-1626
Malicious code in bioql PyPI...
EUVD-2024-33609
Malicious code in bioql PyPI...
EUVD-2025-9114
Malicious code in bioql PyPI...
EUVD-2024-54441
Malicious code in bioql PyPI...
EUVD-2022-43116
Malicious code in bioql PyPI...
EUVD-2025-5116
Malicious code in bioql PyPI...
EUVD-2025-16850
Malicious code in bioql PyPI...
CVE-2025-60448
A stored Cross-Site Scripting XSS vulnerability has been discovered in Emlog Pro 2.5.19. The vulnerability exists due to insufficient validation of SVG file uploads in the /admin/media.php component, allowing attackers to upload malicious SVG files containing JavaScript code that executes when th...
CVE-2025-9561 AP Background 3.8.1 - 3.8.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Upload via advParallaxBackAdminSaveSlider Function
The AP Background plugin for WordPress is vulnerable to arbitrary file uploads due to missing authorization and insufficient file validation within the advParallaxBackAdminSaveSlider handler in versions 3.8.1 to 3.8.2. This makes it possible for authenticated attackers, with Subscriber-level acce...
CVE-2025-9212 WP Dispatcher <= 1.2.0 - Authenticated (Subscriber+) Arbitrary File Upload
The WP Dispatcher plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the wpdispatcherprocessupload function in all versions up to, and including, 1.2.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to...
CVE-2025-9561
CVE-2025-9561 affects the WordPress AP Background plugin (versions 3.8.1–3.8.2). The issue is an arbitrary file upload vulnerability due to missing authorization and insufficient file validation in advParallaxBackAdminSaveSlider(), allowing authenticated attackers with Subscriber+ access to uploa...
CVE-2025-59300
Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process...
CVE-2025-59298
Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process...
CVE-2025-59299
Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process...
CVE-2025-59300
Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process...
CVE-2025-59297
Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process...
CVE-2025-59298 File Parsing Out-Of-Bounds Write Vulnerability in DIAScreen
Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process...