CVE-2026-29905

Kirby CMS through 5.1.4 allows an authenticated user with 'Editor' permissions to cause a persistent Denial of Service DoS via a malformed image upload. The application fails to properly validate the return value of the PHP getimagesize function. When the system attempts to process this file for...

CVE-2025-14740

Docker Desktop for Windows contains multiple incorrect permission assignment vulnerabilities in the installer's handling of the C:\ProgramData\DockerDesktop directory. The installer creates this directory without proper ownership verification, creating two exploitation scenarios: Scenario 1...

EUVD-2025-206791

Docker Desktop for Windows contains multiple incorrect permission assignment vulnerabilities in the installer's handling of the C:\ProgramData\DockerDesktop directory. The installer creates this directory without proper ownership verification, creating two exploitation scenarios: Scenario 1...

PT-2026-5035

Name of the Vulnerable Software and Affected Versions Meshtastic versions prior to 2.7.6.834c3c5 Description Meshtastic is a mesh networking solution where nodes are identified by their NodeID, derived from the MAC address, rather than their public key. This design flaw allows an attacker to forg...

CVE-2022-35251

A cross-site scripting vulnerability exists in Rocket.chat...

CVE-2017-18563

The rsvp plugin before 2.3.8 for WordPress has persistent XSS via the note field on the attendee-list screen...

CVE-2023-53903

WebsiteBaker 2.13.3 contains a stored cross-site scripting vulnerability that allows authenticated users to upload malicious SVG files with embedded JavaScript. Attackers can upload crafted SVG files with script tags that execute when the file is viewed, enabling persistent cross-site scripting...

EUVD-2017-11105

Malware in sbrugna...

EUVD-2017-7823

Malware in sbrugna...

EUVD-2020-7192

Malware in sbrugna...

EUVD-2017-11826

Malware in sbrugna...

EUVD-2018-10235

Malware in sbrugna...

EUVD-2021-25148

Malware in sbrugna...

EUVD-2018-2387

Malware in sbrugna...

EUVD-2022-38143

Malicious code in bioql PyPI...

EUVD-2022-45965

Malicious code in bioql PyPI...

EUVD-2022-33760

Malicious code in bioql PyPI...

CVE-2021-22499

Persistent Cross-Site scripting vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow persistent XSS attack...

CVE-2020-22655

In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5.1.0.199, Ruckus T301n 10.5.1.0.199, Ruckus T301s 10.5.1.0.199, SmartCell Gateway 200 SCG200 before 3.6.2.0.795, SmartZone 100 SZ-100 before 3.6.2.0.795, SmartZone 300 SZ300 before 3.6.2.0.795, Virtua...

CVE-2020-5749

Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct persistent cross-site scripting XSS attacks by creating a crafted group...