EUVD-2025-2545

Malicious code in bioql PyPI...

EUVD-2025-2546

Malicious code in bioql PyPI...

EUVD-2025-2503

Malicious code in bioql PyPI...

EUVD-2024-18619

Malicious code in bioql PyPI...

EUVD-2023-26130

Malicious code in bioql PyPI...

@nubosoftware/node-static failure to catch exception can result in server crash

This affects all versions of the package node-static; all versions of the package @nubosoftware/node-static. The package fails to catch an exception when user input includes null bytes. This allows attackers to access http://host/%00 and crash the server...

CVE-2025-11149

This affects all versions of the package node-static; all versions of the package @nubosoftware/node-static. The package fails to catch an exception when user input includes null bytes. This allows attackers to access http://host/%00 and crash the server...

CVE-2025-11149

This affects all versions of the package node-static; all versions of the package @nubosoftware/node-static. The package fails to catch an exception when user input includes null bytes. This allows attackers to access http://host/%00 and crash the server...

Oracle Business Intelligence Enterprise Edition (OAS) (July 2025 CPU)

The version of Oracle Business Intelligence Enterprise Edition OAS 7.6.0.0 and 8.2.0.0 installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2025 CPU advisory. - Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle...

CVE-2025-30135

An issue was discovered on IROAD Dashcam FX2 devices. Dumping Files Over HTTP and RTSP Without Authentication can occur. It lacks authentication controls on its HTTP and RTSP interfaces, allowing attackers to retrieve sensitive files and video recordings. By connecting to...

Oracle WebCenter Portal (July 2025 CPU)

The 12.2.1.4.0 versions of WebCenter Portal installed on the remote host are affected by a vulnerability as referenced in the July 2025 CPU advisory. - Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware component: Security Framework Apache Commons BeanUtils. The...

Oracle Primavera Unifier (July 2025 CPU)

The versions of Primavera Unifier installed on the remote host are affected by a vulnerability as referenced in the July 2025 CPU advisory. - Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering component: Platform Apache Commons BeanUtils. Supported versions that...

CVE-2025-50060

Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Web Server. Supported versions that are affected are 7.6.0.0.0, 8.2.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher...

CVE-2025-50105

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Administration. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

CVE-2025-50064

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0 and 14.1.2.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle...

CVE-2025-53031

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Platform. Supported versions that are affected are 8.0.7.8, 8.0.8.5, 8.0.8.6, 8.1.1.4 and 8.1.2.5. Easily exploitable vulnerability allows...

Oracle Siebel CRM 25.x < 25.6 (July 2025 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2025 CPU advisory. - Vulnerability in the Siebel CRM Deployment product of Oracle Siebel CRM component: Application Interface Apache Tomcat. Supported versions that ar...

CVE-2025-53031

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications component: Platform. Supported versions that are affected are 8.0.7.8, 8.0.8.5, 8.0.8.6, 8.1.1.4 and 8.1.2.5. Easily exploitable vulnerability allows...

CVE-2025-30756

Vulnerability in Oracle REST Data Services component: General. The supported version that is affected is 24.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle REST Data Services. Successful attacks require human interaction from...

CVE-2025-30760

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.0.0-9.2.9.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOn...