EUVD-2020-20602

Malware in sbrugna...

EUVD-2025-25465

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-7969

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in markdown-it allows Cross-Site Scripting XSS. This...

CVE-2025-7969

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in markdown-it allows Cross-Site Scripting XSS. This vulnerability is associated with program files lib/renderer.mjs. This issue affects markdown-it: 14.1.0. NOTE: the Supplier does not conside...

CVE-2025-7969

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in markdown-it allows Cross-Site Scripting XSS. This vulnerability is associated with program files lib/renderer.mjs. This issue affects markdown-it: 14.1.0. NOTE: the Supplier does not conside...

UBUNTU-CVE-2025-7969

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in markdown-it allows Cross-Site Scripting XSS. This vulnerability is associated with program files lib/renderer.mjs. This issue affects markdown-it: 14.1.0. NOTE: the Supplier does not conside...

CVE-2025-7969 Markdown-it 14.1.0 - Cross-site scripting (XSS)

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in markdown-it allows Cross-Site Scripting XSS. This vulnerability is associated with program files lib/renderer.mjs. This issue affects markdown-it: 14.1.0. NOTE: the Supplier does not conside...

windmill-cli (>=0.0.1 <=0.0.13) potentially affected by CVE-2024-49770 via @oakserver/oak (>=12.6.2 <=14.1.0)

@oakserver/oak NPM version =12.6.2, =0.0.1, =0.0.13 Source cves: CVE-2024-49770 Source advisory: OSV:GHSA-QM92-93FV-VH7M...

CVE-2024-35224

OpenProject is the leading open source project management software. OpenProject utilizes tablesorter inside of the Cost Report feature. This dependency, when misconfigured, can lead to Stored XSS via icon substitution in table header values. This attack requires the permissions "Edit work package...

CVE-2024-35224 Stored Cross-Site Scripting (XSS) in OpenProject

OpenProject is the leading open source project management software. OpenProject utilizes tablesorter inside of the Cost Report feature. This dependency, when misconfigured, can lead to Stored XSS via icon substitution in table header values. This attack requires the permissions "Edit work package...

CVE-2024-35224 Stored Cross-Site Scripting (XSS) in OpenProject

OpenProject is the leading open source project management software. OpenProject utilizes tablesorter inside of the Cost Report feature. This dependency, when misconfigured, can lead to Stored XSS via icon substitution in table header values. This attack requires the permissions "Edit work package...

Piwigo < 14.1.0 XSS Vulnerability

Piwigo is prone to a cross-site scripting XSS vulnerability in the Admin Tools plug-in component. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

F5 Networks BIG-IP : TMM vulnerability (K25400442)

The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.3.6 / 14.1.2.5 / 15.1.1 / 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K25400442 advisory. - On BIG-IP 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and...

F5 BIG-IP LTM/CGNAT Security Vulnerability

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, and other functions from F5 Corporation. A security vulnerability exists in F5 BIG-IP LTM/CGNAT, which can be exploited by an attacker to trigger a denial of...

CVE-2020-28115

SQL Injection vulnerability in "Documents component" found in AudimexEE version 14.1.0 allows an attacker to execute arbitrary SQL commands via the objectpath parameter...

Sql injection

SQL Injection vulnerability in "Documents component" found in AudimexEE version 14.1.0 allows an attacker to execute arbitrary SQL commands via the objectpath parameter...

CVE-2020-5881

On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when the BIG-IP Virtual Edition VE is configured with VLAN groups and there are devices configured with OSPF connected to it, the Network Device Abstraction Layer NDAL Interfaces can lock up and in turn disrupting the communicatio...

Code injection

On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when the BIG-IP Virtual Edition VE is configured with VLAN groups and there are devices configured with OSPF connected to it, the Network Device Abstraction Layer NDAL Interfaces can lock up and in turn disrupting the communicatio...

Design/Logic Flaw

On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.3, Traffic Management Microkernel TMM may restart on BIG-IP Virtual Edition VE while processing unusual IP traffic...

CVE-2020-2711

Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications component: Core. Supported versions that are affected are 14.1.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payment...