PT-2026-22388

Name of the Vulnerable Software and Affected Versions Group-Office versions prior to 26.0.8 Group-Office versions prior to 25.0.87 Group-Office versions prior to 6.8.153 Description The software has a SQL Injection issue that can be exploited through the advancedQueryData parameter, specifically...

CVE-2025-67280

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Hibernate Query Language injection vulnerabilities exist which allow a low privileged user to extract passwords of other users and access sensitive data of another user...

CVE-2020-12271

A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 before 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in April 2020. This affected devices configured with either the administration HTTPS service or the User Portal exposed on the WAN zone. A successful attack...

MAL-2026-924 Malicious code in auto-backup-macos (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 64b97d3c3597539dc5a2cc2d81491eb2a0350011b3d80ef927546bc30701f924 Package performs a "backup" of files to a remote location. This functionality is clearly described, but the user has no control over the remote location where...

CVE-2022-50594

Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘data’ parameter to the ‘NetworkServlet’ endpoint. Successful exploitati...

LangGraph's SQLite store implementation has a SQL Injection Vulnerability

A SQL injection vulnerability exists in the langchain-ai/langgraph repository, specifically in the LangGraph's SQLite store implementation. The affected version is langgraph-checkpoint-sqlite 2.0.10. The vulnerability arises from improper handling of filter operators $eq, $ne, $gt, $lt, $gte, $lt...

EUVD-2018-9043

Malware in sbrugna...

EUVD-2017-1354

Malware in sbrugna...

EUVD-2023-29955

Malicious code in bioql PyPI...

CVE-2025-54593

FreshRSS is a free, self-hostable RSS aggregator. In versions 1.26.1 and below, an authenticated administrator user can execute arbitrary code on the FreshRSS server by modifying the update URL to one they control, and gain code execution after running an update. After successfully executing code...

Bitrix24 安全漏洞

Bitrix24 is a suite of enterprise social platforms from Bitrix USA. The platform includes features such as online communication, calendar management and CRM Customer Relationship Management. A security vulnerability exists in Bitrix24 version 23.300.100, which originates from a remote administrat...

Bitrix24 安全漏洞

Bitrix24 is a suite of enterprise social platforms from Bitrix USA. The platform includes features such as online communication, calendar management and CRM Customer Relationship Management. A security vulnerability exists in Bitrix24 version 23.300.100, which originates from a remote administrat...

Malicious code in thethreadingassistant (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 762eff7d2ce4176f6050d35736ba93b5853e8519e760522372aced785a146e59 Infostealer exfiltrating cookies, history and passwords from the Google Chrome browser, as well as attempting to do a webcam photo. Data are sent to a Discord...

CVE-2023-33368

Some API routes exists in Control ID IDSecure 4.7.26.0 and prior, exfiltrating sensitive information and passwords to users accessing these API routes...

PT-2023-24316 · Control Id · Idsecure

Name of the Vulnerable Software and Affected Versions: Control ID IDSecure versions 4.7.26.0 and prior Description: The issue allows some API routes to exfiltrate sensitive information and passwords to users accessing these routes. Recommendations: For Control ID IDSecure versions 4.7.26.0 and...

MGASA-2023-0099 Updated epiphany packages fix security vulnerability

In Epiphany aka GNOME Web through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts. CVE-2023-26081...

OESA-2023-1175 epiphany security update

Epiphany is the web browser for the GNOME desktop. Its goal is to be simple and easy to use. Epiphany ties together many GNOME components in order to let you focus on the Web content, instead of the browser application. Security Fixes: In Epiphany aka GNOME Web through 43.0, untrusted web content...

OESA-2023-1139 epiphany security update

Epiphany is the web browser for the GNOME desktop. Its goal is to be simple and easy to use. Epiphany ties together many GNOME components in order to let you focus on the Web content, instead of the browser application. Security Fixes: In Epiphany aka GNOME Web through 43.0, untrusted web content...

DEBIAN-CVE-2023-26081

In Epiphany aka GNOME Web through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts...

Code injection

In Epiphany aka GNOME Web through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts...