EUVD-2025-15834

Malicious code in bioql PyPI...

EUVD-2024-26863

Malicious code in bioql PyPI...

EUVD-2025-13691

Malicious code in bioql PyPI...

EUVD-2024-26864

Malicious code in bioql PyPI...

EUVD-2022-38912

Malicious code in bioql PyPI...

EUVD-2021-29984

Malicious code in bioql PyPI...

EUVD-2025-26836

Malicious code in bioql PyPI...

EUVD-2025-29146

Malicious code in bioql PyPI...

EUVD-2024-45077

Malicious code in bioql PyPI...

EUVD-2024-34248

Malicious code in bioql PyPI...

EUVD-2022-34705

Malicious code in bioql PyPI...

EUVD-2022-49615

Malicious code in bioql PyPI...

EUVD-2024-50028

Malicious code in bioql PyPI...

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a

...

Hackers Use Fake Invoices to Spread XWorm RAT via Office Files

Hackers are sending fake invoice emails with malicious Office files that install the XWorm RAT on Windows systems, allowing full remote access and data theft. Learn how the shellcode and process injection are used to steal data, and how to stay safe from this persistent threat...

CVE-2025-10890

Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

ROS-20250923-07

The vulnerability of the core server component of the PostgreSQL database management system is related to flaws in the in access control. Exploitation of the vulnerability could allow a remote intruder to bypass ACL security restrictions and gain unauthorized access to protected information. ACL...

ROS-20250922-03

The vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird email client is related to the null pointer dereferencing. null pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality of protected information. remotely to...

CVE-2023-49367

An issue in user interface in Kyocera Command Center RX EXOSYS M5521cdn allows remote to obtain sensitive information via inspecting sent packages by user...

BIT-NIFI-2023-34212 Apache NiFi: Potential Deserialization of Untrusted Data with JNDI in JMS Components

The JndiJmsConnectionFactoryProvider Controller Service, along with the ConsumeJMS and PublishJMS Processors, in Apache NiFi 1.8.0 through 1.21.0 allow an authenticated and authorized user to configure URL and library properties that enable deserialization of untrusted data from a remote location...