EUVD-2022-41552

Malicious code in bioql PyPI...

EUVD-2024-39413

Malicious code in bioql PyPI...

EUVD-2022-49137

Malicious code in bioql PyPI...

EUVD-2022-41544

Malicious code in bioql PyPI...

EUVD-2022-51053

Malicious code in bioql PyPI...

EUVD-2022-41532

Malicious code in bioql PyPI...

EUVD-2022-41530

Malicious code in bioql PyPI...

EUVD-2022-39664

Malicious code in bioql PyPI...

Hostel Management System index.php File SQL Injection Vulnerability

Hostel Management System is a hostel management system. Hostel Management System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in parameter ID in file /justines/admin/modamenities/index.php. An attacker can exploit this...

PT-2025-37162

Name of the Vulnerable Software and Affected Versions Erlang OTP versions 17.0 through 28.0.3 Erlang OTP versions 26.2.5.15 through 27.3.4.3 Erlang OTP versions 27.3.4.3 Erlang OTP versions 28.0.3 ssh versions 3.0.1 through 5.3.3 ssh versions 5.1.4.12 ssh versions 5.2.11.3 Description An Allocati...

PT-2025-37105

Name of the Vulnerable Software and Affected Versions: Scada-LTS versions prior to 2.7.8.2 Description: A vulnerability exists in Scada-LTS that allows for cross site scripting. The issue affects unknown code within the /data point edit.shtm file of the Data Point Edit Module. The manipulation of...

ALSA-2025:15123 Moderate: httpd:2.4 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: insufficient escaping of user-supplied data in modssl CVE-2024-47252 httpd: modssl: access control bypass by trusted clients is possible using TLS 1.3 session resumption...

CVE-2025-9531 Portabilis i-Educar Agenda agenda.php sql injection

A vulnerability was detected in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/agenda.php of the component Agenda Module. Performing manipulation of the argument codagenda results in sql injection. It is possible to initiate the attack remotely. The exploit...

CVE-2025-9531 Portabilis i-Educar Agenda agenda.php sql injection

A vulnerability was detected in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/agenda.php of the component Agenda Module. Performing manipulation of the argument codagenda results in sql injection. It is possible to initiate the attack remotely. The exploit...

CVE-2025-9401

A vulnerability has been found in HuangDou UTCMS 9. This vulnerability affects unknown code of the file app/modules/ut-frame/admin/login.php of the component Login. Such manipulation of the argument code leads to incorrect comparison. The attack can be executed remotely. The attack requires a hig...

Linux Distros Unpatched Vulnerability : CVE-2013-2024

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OS command injection vulnerability in the qs procedure from the utils module in Chicken before 4.9.0. CVE-2013-2024 Note that Nessus relies on the presence of t...

Linux Distros Unpatched Vulnerability : CVE-2014-10064

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The qs module before 1.0.0 does not have an option or default for specifying object depth and when parsing a string representing a deeply nested object will blo...

nginx 0.7.22 < 1.29.1 Information Disclosure

According to its Sever response header, the installed version of nginx is 0.7.22 prior to 1.29.1. It is, therefore, affected by the following issue : - NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SM...

CVE-2025-38743

Dell iDRAC Service Module iSM, versions prior to 6.0.3.0, contains a Buffer Access with Incorrect Length Value vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges...

CVE-2025-54363

Microsoft Knack 0.12.0 allows Regular expression Denial of Service ReDoS in the knack.introspection module. extractfullsummaryfromsignature employs an inefficient regular expression pattern: "\s:param\s+.+?\s:." that is susceptible to catastrophic backtracking when processing crafted docstrings...