CVE-2023-25364

Opswat Metadefender Core before 5.2.1 does not properly defend against potential HTML injection and XSS attacks...

EUVD-2018-8127

Malware in sbrugna...

EUVD-2024-53900

Malicious code in bioql PyPI...

EUVD-2022-44044

Malicious code in bioql PyPI...

EUVD-2023-40601

Malicious code in bioql PyPI...

EUVD-2022-53470

Malicious code in bioql PyPI...

EUVD-2023-40602

Malicious code in bioql PyPI...

EUVD-2023-40603

Malicious code in bioql PyPI...

EUVD-2025-14911

Malicious code in bioql PyPI...

CVE-2023-36659

An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Long inputs were not properly processed, which allows remote attackers to cause a denial of service loss of communication...

CVE-2023-36657

An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. Built-in features of Windows desktop shortcuts, narrator can be abused for privilege escalation...

CVE-2023-36658

An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. It has an unquoted service path that can be abused locally...

CVE-2022-32272

OPSWAT MetaDefender Core before 5.1.2, MetaDefender ICAP before 4.12.1, and MetaDefender Email Gateway Security before 5.6.1 have incorrect access control, resulting in privilege escalation...

CVE-2022-40778

A stored Cross-Site Scripting XSS vulnerability in OPSWAT MetaDefender ICAP Server before 4.13.0 allows attackers to execute arbitrary JavaScript or HTML because of the blocked page response...

CVE-2022-32273

As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core MDCore before 5.1.2 could allow an authenticated user to enumerate filenames on the server...

CVE-2018-16275

OPSWAT MetaDefender before v4.11.2 allows CSV injection...

The vulnerability of the software development platform for endpoint protection, MetaDefender Endpoint Security SDK (formerly OESIS), and the software for secure remote access to data, Palo Alto Networks GlobalProtect App, for Windows operating systems, stems from deficiencies in access control. This allows attackers to enhance their privileges.

The vulnerability of the MetaDefender Endpoint Security SDK formerly OESIS and the Palo Alto Networks GlobalProtect App software for securing remote access to data on Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhan...

CVE-2025-0131

An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However,...

CVE-2025-0131

An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However,...

CVE-2025-0131

An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK used by the Palo Alto Networks GlobalProtect™ app on Windows devices allows a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\SYSTEM. However,...