99 matches found
EulerOS Virtualization 2.12.0 : util-linux (EulerOS-SA-2026-1525)
According to the versions of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifical...
EulerOS Virtualization 2.12.0 : perl (EulerOS-SA-2026-1509)
According to the versions of the perl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Perl threads have a working directory race condition where file operations may target unintended paths.If a directory handle is open ...
Huawei EulerOS: Security Advisory for openjpeg2 (EulerOS-SA-2026-1505)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2026-32597
PyJWT is a JSON Web Token implementation in Python. Prior to 2.12.0, PyJWT does not validate the crit Critical Header Parameter defined in RFC 7515 §4.1.11. When a JWS token contains a crit array listing extensions that PyJWT does not understand, the library accepts the token instead of rejecting...
GHSA-JMW5-58C7-587H Apache Karaf Decanter has Deserialization of Untrusted Data in its Log Socket Collector
Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter Log Socket Collector exposes port 4560 without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. The Log Socket Collector is vulnerable to deserialization of...
CVE-2025-68883
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in extremeidea bidorbuy Store Integrator bidorbuystoreintegrator allows Reflected XSS.This issue affects bidorbuy Store Integrator: from n/a through = 2.12.0...
CVE-2025-68883 WordPress bidorbuy Store Integrator plugin <= 2.12.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in extremeidea bidorbuy Store Integrator bidorbuystoreintegrator allows Reflected XSS.This issue affects bidorbuy Store Integrator: from n/a through = 2.12.0...
CVE-2025-68883 WordPress bidorbuy Store Integrator plugin <= 2.12.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in extremeidea bidorbuy Store Integrator bidorbuystoreintegrator allows Reflected XSS.This issue affects bidorbuy Store Integrator: from n/a through = 2.12.0...
CVE-2023-25669
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the stride and window size are not positive for tf.rawops.AvgPoolGrad, it can give a floating point exception. A fix is included in TensorFlow version 2.12.0 and version 2.11.1...
CVE-2025-67508
gardenctl is a command-line client for the Gardener which configures access to clusters and cloud provider CLI tools. When using non‑POSIX shells such as Fish and PowerShell, versions 2.11.0 and below of gardenctl allow an attacker with administrative privileges for a Gardener project to craft...
Arbitrary Command Injection
Overview Affected versions of this package are vulnerable to Arbitrary Command Injection via the evaluation of credential values in non-POSIX shell environments. An attacker can execute arbitrary commands on the operator's device by crafting malicious credential values in infrastructure Secret...
EUVD-2021-0160
Malware in sbrugna...
EUVD-2024-51707
Malicious code in bioql PyPI...
EUVD-2023-0959
Malicious code in bioql PyPI...
EUVD-2021-34125
Malicious code in bioql PyPI...
EUVD-2023-0862
Malicious code in bioql PyPI...
EUVD-2023-0957
Malicious code in bioql PyPI...
EUVD-2023-48740
Malicious code in bioql PyPI...
WordPress Happy Rider Theme <= 2.12.0 is vulnerable to Local File Inclusion
Software Happy Rider Type Theme Vulnerable versions = 2.12.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 2a832be985c0 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunit...
Huawei EulerOS: Security Advisory for ppp (EulerOS-SA-2025-1916)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...