CVE-2025-63743

Cross-Site Scripting vulnerability in the Snipe-IT web-based asset management system v8.3.0 to up and including v8.3.1 allows authenticated attacker with lowest privileges sufficient only to log in, to inject arbitrary JavaScript code via "Name" and "Surname" fields. The JavaScript code is execut...

PT-2026-32381

Cross-Site Scripting vulnerability in the Snipe-IT web-based asset management system v8.3.0 to up and including v8.3.1 allows authenticated attacker with lowest privileges sufficient only to log in, to inject arbitrary JavaScript code via "Name" and "Surname" fields. The JavaScript code is execut...

Snipe-IT 安全漏洞

Snipe-IT is a set of open-source IT asset/license management systems developed by Grokability. Versions of Snipe-IT from v8.3.0 to v8.3.1 contain security vulnerabilities. These vulnerabilities stem from insufficient input validation for the Name and Surname fields, which may lead to cross-site...

CVE-2025-63743

Snipe-IT web-based asset management system (v8.3.0–v8.3.1) is affected by an authenticated stored XSS: an attacker with login privileges can inject JavaScript via the Name/Surname fields, executed when the Activity Report or a profile is viewed if Display Name is not set. The issue is fixed in v8...

EUVD-2023-32371

Malicious code in bioql PyPI...

EUVD-2024-37347

Malicious code in bioql PyPI...

EUVD-2025-16062

Malicious code in bioql PyPI...

EUVD-2025-26988

Malicious code in bioql PyPI...

EUVD-2025-1933

Malicious code in bioql PyPI...

CVE-2025-58789

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeisle WP Full Stripe Free wp-full-stripe-free allows SQL Injection.This issue affects WP Full Stripe Free: from n/a through = 8.2.5...

CVE-2025-58789

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeisle WP Full Stripe Free wp-full-stripe-free allows SQL Injection.This issue affects WP Full Stripe Free: from n/a through = 8.2.5...

CVE-2025-58789 WordPress WP Full Stripe Free Plugin <= 8.2.5 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Themeisle WP Full Stripe Free wp-full-stripe-free allows SQL Injection.This issue affects WP Full Stripe Free: from n/a through = 8.2.5...

WordPress WP Full Stripe Free Plugin <= 8.2.5 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Que Thanh Tuan Blue Rock in WordPress Plugin WP Full Stripe Free versions = 8.2.5...

PT-2025-36129

Name of the Vulnerable Software and Affected Versions: WP Full Stripe Free versions through 8.3.0 Description: WP Full Stripe Free is susceptible to a SQL injection flaw due to improper neutralization of special elements within SQL commands. Recommendations: Update WP Full Stripe Free to a versio...

Linux Distros Unpatched Vulnerability : CVE-2024-21090

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/Python. Supported versions that are affected are 8.3.0 and prior. Easily...

CVE-2023-3293

Cross-site Scripting XSS - Stored in GitHub repository salesagility/suitecrm-core prior to 8.3.0...

CVE-2022-24116

Certain General Electric Renewable Energy products have inadequate encryption strength. This affects iNET and iNET II before 8.3.0...

CVE-2022-24120

Certain General Electric Renewable Energy products store cleartext credentials in flash memory. This affects iNET and iNET II before 8.3.0...

Vtiger CRM Open Source Edition 安全漏洞

Vtiger CRM Open Source Edition is a customer relationship management software from Vtiger, Inc. A security vulnerability exists in Vtiger CRM Open Source Edition version v8.3.0, which originates from the ZIP import feature and could lead to the execution of arbitrary PHP code...

AZL-54704 CVE-2024-56732 affecting package harfbuzz for versions less than 8.3.0-3

HarfBuzz is a text shaping engine. Starting with 8.5.0 through 10.0.1, there is a heap-based buffer overflow in the hbcairoglyphsfrombuffer function...