7480 matches found
EUVD-2025-14809
Malicious code in bioql PyPI...
EUVD-2024-2795
Malicious code in bioql PyPI...
EUVD-2025-30905
Malicious code in bioql PyPI...
EUVD-2021-27703
Malicious code in bioql PyPI...
EUVD-2022-1141
Malicious code in bioql PyPI...
CVE-2025-52658
HCL MyXalytics is affected by the use of vulnerable/outdated versions which can expose the application to known security risks that could be exploited...
CVE-2025-59489
Unity Runtime before 2025-10-02 on Android, Windows, macOS, and Linux allows argument injection that can result in loading of library code from an unintended location. If an application was built with a version of Unity Editor that had the vulnerable Unity Runtime code, then an adversary may be...
CVE-2025-57443
FrostWire 6.14.0-build-326 for macOS contains permissive entitlements allow-dyld-environment-variables, disable-library-validation that allow unprivileged local attackers to inject code into the FrostWire process via the DYLD_INSERT_LIBRARIES environment variable. This allows escalated privileges t...
PT-2025-40365
Name of the Vulnerable Software and Affected Versions: FrostWire version 6.14.0-build-326. Description: The software has permissive entitlements, specifically allow-dyld-environment-variables and disable-library-validation. These entitlements permit unprivileged local attackers to inject code into t...
cc.ddrpa.dorian.polystash:polystash-spring-boot-starter (=1.0.0), cc.ddrpa.dorian:forvariz-spring-boot-starter (>=1.0.0 <=1.1.0) +825 more potentially affected by CVE-2025-59952 via io.minio:minio (>=7.0.1 <=8.5.9)
io.minio:minio MAVEN version =7.0.1, =1.0.0, =1.0, =1.0.1, =1.3.0.RELEASE, =1.0.0, =1.0.0, =1.0.0, =0.2.2, =11.0.1-RELEASE, =11.0.1-RELEASE, =12.0.1-RELEASE - cn.bootx.platform:bootx-demo =1.2.3 and more Source cves: CVE-2025-59952 Source advisory: SNYK:JAVA-IOMINIO-13147656...
CVE-2025-9267
In Seagate Toolkit on Windows, a vulnerability exists in the Toolkit Installer prior to version 2.35.0.6 where it attempts to load DLLs from the current working directory without validating their origin or integrity. This behavior can be exploited by placing a malicious DLL in the same directory ...
CVE-2025-9267
The CVE-2025-9267 issue affects Seagate Toolkit on Windows, specifically Toolkit Installer versions prior to 2.35.0.6. The vulnerability arises from loading DLLs from the current working directory without validating origin or integrity, due to insecure DLL loading practices and reliance on relati...
CVE-2025-4582
Buffer Over-read, Off-by-one Error vulnerability in RTI Connext Professional Core Libraries allows File Manipulation. This issue affects Connext Professional: from 7.4.0 before 7.6.0, from 7.0.0 before 7.3.0.8, from 6.1.0 before 6.1.2.26, from 6.0.0 before 6.0., from 5.3.0 before 5.3., from 4.4a...
CVE-2025-1255
Untrusted Pointer Dereference vulnerability in RTI Connext Professional Core Libraries allows Pointer Manipulation. This issue affects Connext Professional: from 7.4.0 before 7.6.0, from 7.2.0 before 7.3.0.9...
CVE-2025-4993
Untrusted Pointer Dereference vulnerability in RTI Connext Professional Core Libraries allows Pointer Manipulation. This issue affects Connext Professional: from 7.4.0 before 7.6.0, from 7.0.0 before 7.3.0.10, from 6.1.0 before 6.1.2.27, from 6.0.0 before 6.0., from 5.3.0 before 5.3., from 4.4a...
Linux Distros Unpatched Vulnerability : CVE-2024-53846
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OTP is a set of Erlang libraries, which consists of the Erlang runtime system, a number of ready-to-use components mainly written in Erlang, and a set of design...
4d-oled (>=1.0.0 <=1.0.2), @abb92/holidates (>=1.0.0 <=1.0.1) +972 more potentially affected by CVE-2025-57328 via toggle-array (>=0.1.0 <=1.0.1)
toggle-array NPM version =0.1.0, =1.0.0, =1.0.0, =5.0.0, =4.0.2, =0.0.0-snapshot-ZERO-3343-20250425065225, =0.8.1-beta.2, =0.1.0, =0.1.1-a, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =1.11.0 and more Source cves: CVE-2025-57328 Source advisory: OSV:GHSA-34Q3-8X9V-J957...
@dwimm/client-web (>=0.0.1 <=0.0.2-86), @element-hq/web-shared-components (>=0.0.0-test.6 <=0.0.2) +26 more potentially affected by CVE-2025-57354 via counterpart (>=0.16.10 <=0.18.6)
counterpart NPM version =0.16.10, =0.0.1, =0.0.0-test.6, =1.0.0, =2.10.1, =0.0.1, =0.7.1, =0.0.1, =0.1.8, =2.3.0, =3.114.0-rc.0 and more Source cves: CVE-2025-57354 Source advisory: OSV:GHSA-2488-W585-72CH...
DRUPAL-CONTRIB-2025-106
This module enables you to store and display JSON data using optional 3rd party libraries. The module doesn't sufficiently filter data using some of the included field formatters, leading to a Cross-site Scripting (XSS) vulnerability...