637 matches found
drupal-pattern-lab/unified-twig-extensions is vulnerable to XXS
Versions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to Cross-site Scripting XSS due to insufficient filtering of data. Note: This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Patter...
CVE-2025-11570
Versions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to Cross-site Scripting XSS due to insufficient filtering of data. Note: This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Patter...
CVE-2025-11570
Versions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to Cross-site Scripting XSS due to insufficient filtering of data. Note: This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Patter...
CVE-2025-11570
Versions of the package drupal-pattern-lab/unified-twig-extensions from 0.0.0 are vulnerable to Cross-site Scripting XSS due to insufficient filtering of data. Note: This is exploitable only if the code is executed outside of Drupal; the function is intended to be shared between Drupal and Patter...
CVE-2025-11570
CVE-2025-11570 affects the package drupal-pattern-lab/unified-twig-extensions (versions around 0.0.0; unmaintained) with a Cross-site Scripting (XSS) vulnerability caused by insufficient data filtering. Multiple sources (NVD, Red Hat CVE page, GitHub advisory, OSV, EUVD, CNNVD, SNYK) converge on ...
PT-2025-41502
Name of the Vulnerable Software and Affected Versions drupal-pattern-lab/unified-twig-extensions versions 0.0.0 through 1.1.0 Description The package contains a Cross-site Scripting XSS issue because of inadequate data filtering. This is only exploitable when the code runs outside of Drupal, as t...
CVE-2025-11489
A security vulnerability has been detected in wonderwhy-er DesktopCommanderMCP up to 0.2.13. This vulnerability affects the function isPathAllowed of the file src/tools/filesystem.ts. The manipulation leads to symlink following. The attack can only be performed from a local environment. The...
CVE-2025-11489 wonderwhy-er DesktopCommanderMCP filesystem.ts isPathAllowed symlink
A security vulnerability has been detected in wonderwhy-er DesktopCommanderMCP up to 0.2.13. This vulnerability affects the function isPathAllowed of the file src/tools/filesystem.ts. The manipulation leads to symlink following. The attack can only be performed from a local environment. The...
EUVD-2025-33297
A weakness has been identified in D-Link DIR-852 up to 20251002. This affects an unknown part of the file /HNAP1/. Executing manipulation can lead to command injection. The attack may be launched remotely. The exploit has been made available to the public and could be exploited. This vulnerabilit...
EUVD-2019-19111
Malware in sbrugna...
EUVD-2019-19110
Malware in sbrugna...
EUVD-2015-1027
Malware in sbrugna...
EUVD-2023-28161
Malicious code in bioql PyPI...
EUVD-2025-3073
Malicious code in bioql PyPI...
EUVD-2022-7078
Malicious code in bioql PyPI...
EUVD-2022-4470
Malicious code in bioql PyPI...
EUVD-2025-29250
Malicious code in bioql PyPI...
EUVD-2025-29251
Malicious code in bioql PyPI...
EUVD-2024-47646
Malicious code in bioql PyPI...
EUVD-2025-32317
Malicious code in bioql PyPI...