6 matches found
EUVD-2025-7892
Malicious code in bioql PyPI...
Sangfor Endpoint Detection and Response security vulnerability
Sangfor Endpoint Detection and Response is a next-generation endpoint security solution from China-based Sangfor. A security vulnerability exists in Sangfor Endpoint Detection and Response versions 3.2.16, 3.2.17, and 3.2.19, which is caused by an OS command injection attack due to a flaw in the...
CVE-2025-29782
CVE-2025-29782 affects the WeGIA Web manager for charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability exists in adicionar_tipo_docs_atendido.php, exploitable via the tipo parameter. In WeGIA versions prior to 3.2.17, attacker-supplied scripts are stored on the server and exe...
PT-2024-19316 · Unknown · Robosoft Photo Gallery
Name of the Vulnerable Software and Affected Versions: RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery versions 3.2.17 and earlier. Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stor...
WordPress Robo Gallery Plugin <= 3.2.17 is vulnerable to Cross Site Scripting (XSS)
Software: Robo Gallery; Type: Plugin; Vulnerable versions: <= 3.2.17; Fixed in: 3.2.18; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-22295; Patch priority: Low; CVSS severity: Low (5.9); PSID: 29d8208eb109; Credits: Bryan Satyamulya; Required privilege...
Pivotal Spring Framework contains unsafe Java deserialization methods
Pivotal Spring Framework before 6.0.0 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or may not occur, and authentication may be required. Maintainers recommend...