8804 matches found
EUVD-2017-2957
Malicious code in bioql PyPI...
EUVD-2024-54923
Malicious code in bioql PyPI...
EUVD-2022-47201
Malicious code in bioql PyPI...
EUVD-2024-1822
Malicious code in bioql PyPI...
EUVD-2025-31566
Malicious code in bioql PyPI...
EUVD-2022-32468
Malicious code in bioql PyPI...
EUVD-2025-25317
Malicious code in bioql PyPI...
EUVD-2025-4355
Malicious code in bioql PyPI...
EUVD-2022-1127
Malicious code in bioql PyPI...
Directory Traversal
Overview: Affected versions of this package are vulnerable to Directory Traversal in the validLogFileName and validExecOutputFileName functions, which insufficiently validate log file names, allowing traversal sequences after certain prefixes. An attacker can access sensitive files on the host...
Directory Traversal
Overview: Affected versions of this package are vulnerable to Directory Traversal in the validLogFileName and validExecOutputFileName functions, which insufficiently validate log file names, allowing traversal sequences after certain prefixes. An attacker can access sensitive files on the host...
Directory Traversal
Overview: Affected versions of this package are vulnerable to Directory Traversal in the validLogFileName and validExecOutputFileName functions, which insufficiently validate log file names, allowing traversal sequences after certain prefixes. An attacker can access sensitive files on the host...
CLSA-2025-1759145882 Fix CVE(s): CVE-2025-53019
SECURITY UPDATE: memory leak via multiple consecutive %d format specifiers in filename template - debian/patches/CVE-2025-53019.patch: Fix memory leak when entering StreamImage multiple times - CVE-2025-53019...
CLSA-2025-1759145639 Fix CVE(s): CVE-2025-53019
SECURITY UPDATE: memory leak when specifying multiple %d format specifiers in filename template - debian/patches/CVE-2025-53019.patch: Fix memory leak when entering StreamImage multiple times - CVE-2025-53019...
CVE-2025-11147
Reflected cross-site scripting (XSS) in Apt-Cacher-NG v3.2.1. The vulnerability allows malicious scripts (XSS) to be executed in “/html/.html”...
CVE-2025-11147 Reflected Cross-site scripting (XSS) vulnerability in Apt-Cacher-NG
Reflected cross-site scripting (XSS) in Apt-Cacher-NG v3.2.1. The vulnerability allows malicious scripts (XSS) to be executed in “/html/.html”...
Informative git prompt for bash and fish security vulnerability
Informative git prompt for bash and fish is a bash prompt for Git users by the individual developer Martin Gondermann. A security vulnerability exists in Informative git prompt for bash and fish 2.7.1 and prior versions, which stems from a predictable filename in /tmp/git-index-private$$ that cou...
CVE-2025-61659
bash-git-prompt 2.6.1 through 2.7.1 insecurely uses the /tmp/git-index-private$$ file, which has a predictable name...
CVE-2025-11018
A flaw has been found in Four-Faith Water Conservancy Informatization Platform 1.0. This affects an unknown function of the file /sysRole/index.do/../../generalReport/download.do;usrlogout.do.do. Executing manipulation of the argument fileName can lead to path traversal. It is possible to launch...
CVE-2025-60150
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wpshuffle Subscribe to Download subscribe-to-download allows PHP Local File Inclusion. This issue affects Subscribe to Download: from n/a through = 2.0.9...