1403 matches found
EUVD-2025-25505
Malicious code in bioql PyPI...
EUVD-2025-28241
Malicious code in bioql PyPI...
EUVD-2024-54876
Malicious code in bioql PyPI...
EUVD-2025-24092
Malicious code in bioql PyPI...
EUVD-2025-24169
Malicious code in bioql PyPI...
EUVD-2025-31152
Malicious code in bioql PyPI...
EUVD-2025-24205
Malicious code in bioql PyPI...
EUVD-2025-26621
Malicious code in bioql PyPI...
EUVD-2025-24171
Malicious code in bioql PyPI...
EUVD-2025-32026
Malicious code in bioql PyPI...
EUVD-2025-24280
Malicious code in bioql PyPI...
EUVD-2025-24185
Malicious code in bioql PyPI...
Apache Kylin 2.3.x < 3.1.0 Command Injection
According to its banner, the version of Apache Kylin running on the remote host is 2.3.x < 3.1.0. It is, therefore, affected by a Command Injection vulnerability through the REST API. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reporte...
TLoRa: Implementing TLS over LoRa for Secure HTTP Communication in IoT
We present TLoRa, an end-to-end architecture for HTTPS communication over LoRa by integrating TCP tunneling and a complete TLS 1.3 handshake. It enables a seamless and secure communication channel between WiFi-enabled end devices and the Internet over LoRa using an End Hub (EH) and a Net Relay (NR)...
CVE-2025-59537 argo-cd is vulnerable to unauthenticated DoS attack via malformed Gogs webhook payload
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Versions 1.2.0 through 1.8.7, 2.0.0-rc1 through 2.14.19, 3.0.0-rc1 through 3.2.0-rc1, 3.1.7 and 3.0.18 are vulnerable to malicious API requests which can crash the API server and cause denial of service to legitimate client...
Splunk Cloud Platform and Splunk Enterprise Code Issue Vulnerability
Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service. Splunk Enterprise is a suite of data collection and analytics software. Splunk Cloud Platform and Splunk Enterprise ha...
PT-2025-40274
Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 10.0.1; Splunk Enterprise versions 9.2.8 through 9.4.4; Splunk Cloud Platform versions prior to 9.3.2411.109; Splunk Cloud Platform versions 9.2.2406.122 through 9.3.2408.119. Description: An unauthenticated...
CVE-2025-59948
FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and below do not sanitize certain event handler attributes in feed content, so by finding a page that renders feed entries without CSP, it is possible to execute an XSS payload. The Allow API access authentication setting needs to ...
[SECURITY] Fedora 41 Update: nextcloud-31.0.9-1.fc41
NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing right on the web. NextCloud is extendable via a simple but powerful API...