484 matches found
EUVD-2007-5901
Malware in sbrugna...
EUVD-2011-4781
Malware in sbrugna...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: mysql (UTSA-2025-986145)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986145 advisory. Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Information Schema. Supported versions that are affected are 5.7.33 and prior and 8.0.23...
CVE-2025-6985 XXE Vulnerability in langchain-ai/langchain
The HTMLSectionSplitter class in langchain-text-splitters version 0.3.8 is vulnerable to XML External Entity XXE attacks due to unsafe XSLT parsing. This vulnerability arises because the class allows the use of arbitrary XSLT stylesheets, which are parsed using lxml.etree.parse and lxml.etree.XSL...
EUVD-2025-29146
Malicious code in bioql PyPI...
EUVD-2024-45077
Malicious code in bioql PyPI...
EUVD-2024-50028
Malicious code in bioql PyPI...
EUVD-2025-13691
Malicious code in bioql PyPI...
ROS-20250923-07
The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...
Advisory ROSA-SA-2025-2957
Software: perl-CPAN 2.18 OS: ROSA Virtualization 2.1 unaffected versions = perl-CPAN-2.18-397.0.1.rv3 affected versions perl-CPAN-2.18-397.0.1.rv3 CVE-ID: CVE-2023-31484 BDU-ID: 2023-03871 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the CPAN.pm component of the Perl programming language is relat...
CVE-2025-45968
An issue in System PDV v1.0 allows a remote attacker to obtain sensitive information via the hash parameter in a URL. The application contains an Insecure Direct Object Reference IDOR vulnerability, which occurs due to a lack of proper authorization checks when accessing objects referenced by thi...
Security Bulletin: Java SE Hotspot Vulnerability Enables Remote Data Access and Modification via Multiple Protocols, which affects IBM watsonx.data
Summary Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to accessib...
CVE-2025-0093
In handleBondStateChanged of AdapterService.java, there is a possible unapproved data access due to a missing permission check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2025-45968
An issue in System PDV v1.0 allows a remote attacker to obtain sensitive information via the hash parameter in a URL. The application contains an Insecure Direct Object Reference IDOR vulnerability, which occurs due to a lack of proper authorization checks when accessing objects referenced by thi...
CVE-2025-55575
Summary: CVE-2025-55575 is a SQL Injection vulnerability in SMM Panel 3.1 that allows remote attackers to disclose sensitive information via a crafted HTTP request with the parameter action=service_detail. The CVSS v3.1 base score is 9.8 (CRITICAL) with network access, low attack complexity, no p...
Linux Distros Unpatched Vulnerability : CVE-2017-10274
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Java SE component of Oracle Java SE subcomponent: Smart Card IO. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and ...
The vulnerability of the `update-ldcache` function in software for creating and running NVIDIA Container Toolkit containers and NVIDIA GPU Operator resource management software allows a malicious actor to gain unauthorized access to protected information or cause service failures.
The vulnerability in the update-ldcache function of software for creating and running NVIDIA Container Toolkit containers, as well as the NVIDIA GPU Operator resource management software, arises from an improper definition of symbolic references before accessing files. Exploiting this vulnerabili...
The vulnerability of the distributed Git version control system, related to improper filtering of output data, allows a malicious actor to gain read, modify, or delete access to data, or execute arbitrary code.
The vulnerability of the distributed Git version control system is related to improper filtering of output data during the extraction or sending of message exchanges from the server. Exploiting this vulnerability can allow a remote attacker to gain read, modify, or delete access to data, or execu...
The software’s vulnerability related to secure remote access to data in Palo Alto Networks GlobalProtect App allows a intruder to escalate their privileges. This vulnerability arises from errors in privilege management.
The vulnerability of the software for providing secure remote access to data in the Palo Alto Networks GlobalProtect App is related to errors in privilege management. Exploiting this vulnerability can allow attackers to enhance their privileges...
The vulnerability of the ColdFusion software platform lies in the improper limitation of XML references to external objects. This allows attackers to gain unauthorized access to protected information or circumvent existing security restrictions, thereby causing service failures.
The vulnerability of the ColdFusion software platform is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information or circumvent existing security...