314 matches found

OSV
added 2025/10/16 6:15 p.m. | 3 views

CVE-2025-34512

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a reflected cross-site scripting (XSS) vulnerability in index.php that allows an unauthenticated attacker to execute arbitrary code. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 t...

CVSS 6.1 | AI score 6 | EPSS 0.00374
Exploits: 3 | References: 3
Vulnrichment
added 2025/10/16 5:55 p.m. | 3 views

CVE-2025-34512 Ilevia EVE X1 Server 4.7.18.0.eden Reflected XSS

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a reflected cross-site scripting (XSS) vulnerability in index.php that allows an unauthenticated attacker to execute arbitrary script in the victim's browser. Ilevia has declined to service this vulnerability, and recommends that...

CVSS 5.1 | AI score 5.9 | EPSS 0.00374
Exploits: 3 | References: 3
Cvelist
added 2025/10/16 5:55 p.m. | 8 views

CVE-2025-34512 Ilevia EVE X1 Server 4.7.18.0.eden Reflected XSS

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a reflected cross-site scripting (XSS) vulnerability in index.php that allows an unauthenticated attacker to execute arbitrary script in the victim's browser. Ilevia has declined to service this vulnerability, and recommends that...

CVSS 5.1 | EPSS 0.00374
Exploits: 3 | References: 3
EUVD
added 2025/10/16 5:53 p.m. | 3 views

EUVD-2025-34801

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an OS command injection vulnerability in mbusbuildfromcsv.php that allows an unauthenticated attacker to execute arbitrary code. Ilevia has declined to service this vulnerability, and recommends that customers not expose port 8080 to...

CVSS 9.3 | AI score 7.7 | EPSS 0.07679
Exploits: 3 | References: 5
RedhatCVE
added 2025/10/10 8:22 p.m. | 4 views

CVE-2025-35050

Newforma Info Exchange (NIX) accepts serialized .NET data via the '/remoteweb/remote.rem' endpoint, allowing a remote, unauthenticated attacker to execute arbitrary code with 'NT AUTHORITY\NetworkService' privileges. The vulnerable endpoint is used by Newforma Project Center Server (NPCS), so a...

CVSS 9.8 | AI score 8 | EPSS 0.00842
Exploits: 0 | References: 1
Positive Technologies
added 2025/10/09 12:00 a.m. | 6 views

PT-2025-41466

Name of the Vulnerable Software and Affected Versions: Newforma Info Exchange (affected versions not specified). Description: Newforma Info Exchange accepts serialized .NET data via the /remoteweb/remote.rem API endpoint without proper validation. This allows a remote, unauthenticated attacker to...

CVSS 9.8 | AI score 7.5 | EPSS 0.00842
Exploits: 0 | References: 12
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2019-7053

Malware in sbrugna...

CVSS 9.8 | AI score 9.2 | EPSS 0.03332
Exploits: 1 | References: 4
EUVD
added 2025/10/03 8:07 p.m. | 3 views

EUVD-2024-54902

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 6.6 | EPSS 0.00757
Exploits: 0 | References: 2
EUVD
added 2025/10/03 8:07 p.m. | 3 views

EUVD-2022-15424

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 9.2 | EPSS 0.00776
Exploits: 0 | References: 1
EUVD
added 2025/10/03 8:07 p.m. | 4 views

EUVD-2025-29699

Malicious code in bioql PyPI...

CVSS 9.3 | AI score 6.6 | EPSS 0.8637
Exploits: 2 | References: 2
GithubExploit
added 2025/10/01 1:01 p.m. | 88 views

Exploit for CVE-2025-9242

watchTowr-vs-WatchGuard-CVE-2025-9242 Detection Artifact Gene...

CVSS 9.3 | AI score 7.2 | EPSS 0.8637
Exploits: 2
Positive Technologies
added 2025/09/29 12:00 a.m. | 4 views

PT-2025-39875

Name of the Vulnerable Software and Affected Versions: Medical Informatics Engineering Enterprise Health (affected versions not specified). Description: A reflected cross-site scripting issue exists in the 'portlet user id' URL parameter. An unauthenticated, remote attacker can create a malicious URL ...

CVSS 5.1 | AI score 6.6 | EPSS 0.00235
Exploits: 0 | References: 5
Positive Technologies
added 2025/09/13 12:00 a.m. | 4 views

PT-2025-37370

Name of the Vulnerable Software and Affected Versions: Ceragon Networks / Siklu Communication EtherHaul series versions 7.4.0 through 10.7.3. Description: The rfpiped service on TCP port 555 allows unauthenticated file uploads to any writable location on the device. File upload packets use weak...

CVSS 6.5 | AI score 9.4 | EPSS 0.00417
Exploits: 6 | References: 11
Positive Technologies
added 2025/09/13 12:00 a.m. | 5 views

PT-2025-37369

Siklu EtherHaul 8010 siklu-uimage-nxp-enc-10 6 2-18707-ea552dc00b devices have a static root password...

CVSS 6.4 | AI score 5.9 | EPSS 0.00127
Exploits: 0 | References: 2
Tenable Nessus
added 2025/09/10 12:00 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2019-9642

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - An issue was discovered in proxy.php in pydio-core in Pydio through 8.2.2. Through an unauthenticated request, it is possible to evaluate malicious PHP code by...

CVSS 9.8 | AI score 8.6 | EPSS 0.02433
Exploits: 0 | References: 2
Vulnrichment
added 2025/09/09 3:11 p.m. | 2 views

CVE-2025-9872

Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required...

CVSS 8.8 | AI score 7.5 | EPSS 0.13471
Exploits: 0 | References: 1
CVE
added 2025/09/09 8:48 a.m. | 15 views

CVE-2025-40795

The CVE-2025-40795 issue affects Siemens SIMATIC PCS neo versions 4.1, 5.0 and 6.0, and the integrated User Management Component (UMC)

CVSS 9.8 | AI score 6.3 | EPSS 0.00665
Exploits: 0 | References: 1 | Affected Software: 2
Positive Technologies
added 2025/09/09 12:00 a.m. | 4 views

PT-2025-36681

Name of the Vulnerable Software and Affected Versions: SIMATIC PCS neo versions 4.1: All versions; SIMATIC PCS neo versions 5.0: All versions; User Management Component (UMC): versions prior to 2.15.1.3. Description: A stack-based buffer overflow vulnerability exists in the integrated User Management...

CVSS 9.8 | AI score 7.8 | EPSS 0.00665
Exploits: 0 | References: 8
Tenable Nessus
added 2025/08/27 12:00 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2020-15591

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fexsrv in FEX aka Frams' Fast File EXchange before fex-201609192 allows eval injection for unauthenticated remote code execution. CVE-2020-15591 Note that Nessu...

CVSS 9.8 | AI score 8.6 | EPSS 0.03803
Exploits: 1 | References: 2
Tenable Nessus
added 2025/08/27 12:00 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2019-1010060

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NASA CFITSIO prior to 3.43 is affected by: Buffer Overflow. The impact is: arbitrary code execution. The component is: over 40 source code files were changed. T...

CVSS 9.8 | AI score 8.2 | EPSS 0.07172
Exploits: 2 | References: 2