EUVD-2025-209255

Remote Code Execution Vulnerability in JP1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management 2 - Operations Director on Windows, Job Management Partner 1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management - Manager on Windows, Job Management Partner 1/IT...

CVE-2025-65115

Remote Code Execution Vulnerability in JP1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management 2 - Operations Director on Windows, Job Management Partner 1/IT Desktop Management 2 - Manager on Windows, JP1/IT Desktop Management - Manager on Windows, Job Management Partner 1/IT...

CVE-2025-33220

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause heap memory access after the memory is freed. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or...

CVE-2025-65471

An arbitrary file upload vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arbitrary code via uploading a crafted PHP file...

PT-2025-50636

Name of the Vulnerable Software and Affected Versions EasyImages versions 2.0 through 2.8.6 Description A flaw exists in the /admin/manager.php component that allows for arbitrary file renaming. An attacker can exploit this to execute arbitrary code by renaming a PHP file to an SVG format...

EUVD-2009-3735

Malware in sbrugna...

EUVD-2022-34752

Malicious code in bioql PyPI...

PT-2025-34598 · Joomla +1 · Joomla! +1

Name of the Vulnerable Software and Affected Versions: Quantum Manager versions 1.0.0 through 3.2.0 Description: A stored cross-site scripting XSS issue exists in the Quantum Manager component for Joomla. File names are not properly escaped, which could allow for malicious code execution...

CVE-2023-48202

Cross-Site Scripting XSS vulnerability in Sunlight CMS 8.0.1 allows an authenticated low-privileged user to escalate privileges via a crafted SVG file in the File Manager component...

CVE-2025-44023

An issue in dlink DNS-320 v.1.00 and DNS-320LW v.1.01.0914.20212 allows an attacker to execute arbitrary via the accountmgr.cgi-cgichgadminpw components...

CVE-2025-44072

SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component adminmanager.php...

SeaCMS 安全漏洞

SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS v13.3, which stems from mishandling of the adminmanager.php component, which could lead to SQL...

CVE-2024-52056

Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an administrator user to delete any directory on the file system if the target directory contains an XML definition file...

CVE-2024-52054

Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an administrator user to create an XML definition file anywhere on the file system...

CVE-2024-52054

Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an administrator user to create an XML definition file anywhere on the file system...

CVE-2024-52055

Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an administrator user to read any file on the file system if the target directory contains an XML definition file...

CVE-2024-52056 Application Delete Path Traversal in Wowza Streaming Engine

Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an administrator user to delete any directory on the file system if the target directory contains an XML definition file...

CVE-2024-52055 Application Copy Path Traversal in Wowza Streaming Engine

Path Traversal in the Manager component of Wowza Streaming Engine below 4.9.1 allows an administrator user to read any file on the file system if the target directory contains an XML definition file...

CVE-2024-52053 Stored Cross-Site Scripting in Wowza Streaming Engine

Stored Cross-Site Scripting in the Manager component of Wowza Streaming Engine below 4.9.1 allows an unauthenticated attacker to inject client-side JavaScript into the web dashboard to automatically hijack admin accounts...

CVE-2024-10443

Improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in Task Manager component in Synology BeePhotos before 1.0.2-10026 and 1.1.0-10053 and Synology Photos before 1.6.2-0720 and 1.7.0-0795 allows remote attackers to execute arbitrary code via...