840 matches found
EUVD-2025-10431
Malicious code in bioql PyPI...
EUVD-2024-51082
Malicious code in bioql PyPI...
EUVD-2024-49236
Malicious code in bioql PyPI...
EUVD-2025-27233
Malicious code in bioql PyPI...
EUVD-2022-35125
Malicious code in bioql PyPI...
EUVD-2021-29661
Malicious code in bioql PyPI...
EUVD-2024-27185
Malicious code in bioql PyPI...
EUVD-2021-30844
Malicious code in bioql PyPI...
EUVD-2023-45876
Malicious code in bioql PyPI...
EUVD-2023-35121
Malicious code in bioql PyPI...
EUVD-2023-41120
Malicious code in bioql PyPI...
EUVD-2025-29697
Malicious code in bioql PyPI...
CVE-2025-40991
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectfile/upload/xxxx", affecting to "description" parameter via POST. This vulnerability could allow a remote attacker to send a...
CVE-2025-40991
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectfile/upload/xxxx", affecting to "description" parameter via POST. This vulnerability could allow a remote attacker to send a...
CVE-2025-40991 Stored XSS in Creativeitem Ekushey CRM
Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the "/ekushey/index.php/client/projectfile/upload/xxxx", affecting to "description" parameter via POST. This vulnerability could allow a remote attacker to send a...
CVE-2025-41701
An unauthenticated attacker can trick a local user into executing arbitrary commands by opening a deliberately manipulated project file with an affected engineering tool. These arbitrary commands are executed in the user context...
CVE-2025-41701 Beckhoff: Deserialization of untrusted data by TwinCAT 3 Engineering
An unauthenticated attacker can trick a local user into executing arbitrary commands by opening a deliberately manipulated project file with an affected engineering tool. These arbitrary commands are executed in the user context...
CVE-2025-41701 Beckhoff: Deserialization of untrusted data by TwinCAT 3 Engineering
An unauthenticated attacker can trick a local user into executing arbitrary commands by opening a deliberately manipulated project file with an affected engineering tool. These arbitrary commands are executed in the user context...
CVE-2025-41701
Beckhoff TwinCAT 3 Engineering contains a vulnerability (CVE-2025-41701) where deserialization of untrusted data can be triggered by a manipulated project file, allowing an unauthenticated local attacker to execute arbitrary commands in the user’s context. The available connected sources confirm ...
PT-2025-36688
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: An unauthenticated attacker can trick a local user into executing arbitrary commands by opening a deliberately manipulated project file with an affected...