EUVD-2024-55573

LINQPad before 5.52.01 Pro edition is vulnerable to Unsafe Deserialization in LINQPad.AutoRefManager::PopulateFromCache, leading to code execution...

CVE-2024-53326

CVE-2024-53326 affects LINQPad before 5.52.01 Pro. The vulnerability is an unsafe deserialization in LINQPad.AutoRefManager::PopulateFromCache(), which leads to code execution. The connected sources confirm the same description across EUVD-2024-55573 and NVD/CVE records. Public exploitation detai...

OpenKM 6.3.12 - Multiple

Exploit Title: OpenKM Multiple Critical Zero-Day Date: 17 Jan 2026 Exploit Author: Terra System Labs Pvt. Ltd. Vendor Homepage: https://www.openkm.com/ Software Link: https://hub.docker.com/r/openkm/openkm-ce Version: OpenKM Community Edition 6.3.12 and OpenKM Pro Edition 7.1.47 and previous...

Craft CMS has a Missing Authorization Check on User Group Removal via save-permissions Action

Summary The actionSavePermissions endpoint allows a user with only viewUsers permission to remove arbitrary users from all user groups. While saveUserGroups enforces per-group authorization for additions, it performs no equivalent authorization check for removals, so submitting an empty groups...

Missing Authorization

Overview craftcms/cms is a content management system. Affected versions of this package are vulnerable to Missing Authorization via the actionSavePermissions process. An attacker can remove all group memberships from arbitrary users by submitting an empty groups parameter, resulting in immediate...

GHSA-JQ2F-59PJ-P3M3 Craft CMS has a Missing Authorization Check on User Group Removal via save-permissions Action

Summary The actionSavePermissions endpoint allows a user with only viewUsers permission to remove arbitrary users from all user groups. While saveUserGroups enforces per-group authorization for additions, it performs no equivalent authorization check for removals, so submitting an empty groups...

EUVD-2026-20408

Missing Authorization vulnerability in nfusionsolutions Precious Metals Automated Product Pricing Pro precious-metals-automated-product-pricing-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Precious Metals Automated Product Pricing Pro: from n/a...

CVE-2025-13668

A potential security vulnerability in Quartus® Prime Pro Edition Design Software may allow escalation of privilege...

CVE-2025-13668 Quartus Prime Pro Edition Advisory

A potential security vulnerability in Quartus® Prime Pro Edition Design Software may allow escalation of privilege...

CVE-2025-13668

Quartus Prime Pro Edition Design Software is cited as potentially allowing privilege escalation. The connected sources consistently reference Quartus Prime Pro Edition Design Software, but none of the provided documents specify affected versions, exact root cause, or a remediation. Public_DETAIL ...

CVE-2025-13668 Quartus Prime Pro Edition Advisory

A potential security vulnerability in Quartus® Prime Pro Edition Design Software may allow escalation of privilege...

EUVD-2020-5917

Malware in sbrugna...

EUVD-2020-5918

Malware in sbrugna...

EUVD-2005-3996

Malware in sbrugna...

EUVD-2022-37172

Malicious code in bioql PyPI...

EUVD-2023-28496

Malicious code in bioql PyPI...

CVE-2024-21777

Uncontrolled search path in some IntelR QuartusR Prime Pro Edition Design software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2023-24478

Use of insufficiently random values for some Intel AgilexR software included as part of IntelR QuartusR Prime Pro Edition for linux before version 22.4 may allow an authenticated user to potentially enable information disclosure via local access...

PT-2025-2786 · Txone Networks · Txone Networks Portable Inspector +1

Name of the Vulnerable Software and Affected Versions: TXOne Networks Portable Inspector version 1.0.0 TXOne Networks Portable Inspector Pro Edition version 1.0.0 Description: The issue is related to improper input validation in the Management Program of TXOne Networks Portable Inspector and...

CVE-2024-38383

Intel® Quartus® Prime Pro Edition software for Windows before version 24.2 is affected by CVE-2024-38383 due to an uncontrolled search path, which may let an authenticated user escalate privileges via local access. Intel’s advisory recommends updating to version 24.2 or later to mitigate, with a ...