1332 matches found

EUVD
added 2025/10/03 8:07 p.m. · 6 views

EUVD-2022-2595

Malicious code in bioql PyPI...

6.5 CVSS · 6.3 AI score · 0.03256 EPSS
Exploits 0 · References 6
EUVD
added 2025/10/03 8:07 p.m. · 3 views

EUVD-2023-2579

Malicious code in bioql PyPI...

8.1 CVSS · 7.8 AI score · 0.008 EPSS
Exploits 0 · References 3
EUVD
added 2025/10/03 8:07 p.m. · 4 views

EUVD-2022-2708

Malicious code in bioql PyPI...

5.4 CVSS · 5 AI score · 0.00894 EPSS
Exploits 0 · References 7
EUVD
added 2025/10/03 8:07 p.m. · 2 views

EUVD-2023-3193

Malicious code in bioql PyPI...

4.3 CVSS · 4.8 AI score · 0.00638 EPSS
Exploits 1 · References 5
CNNVD
added 2025/09/13 12:00 a.m. · 1 view

Gazelle code injection vulnerability

Gazelle is a web framework for private BitTorrent trackers. Gazelle suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter Message in the file /sections/tools/managers/changelog.php, which can be...

5.1 CVSS · 5.9 AI score · 0.00233 EPSS
Exploits 0 · References 6
Snyk
added 2025/09/08 2:41 p.m. · 2 views

Buffer Over-read

Overview Affected versions of this package are vulnerable to Buffer Over-read via the DiaSymReader.dll process. An attacker can execute arbitrary code by exploiting a buffer over-read condition when the application processes specially crafted input. This issue affects EOL ASP.NET 6.0.0 = 6.0.36 a...

8.8 CVSS · 8.9 AI score · 0.02262 EPSS
Exploits 0 · References 2
RustSec
added 2025/09/08 12:00 p.m. · 2 views

iron crate is unmaintained

The iron crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives See this comparison for popular alternatives...

6.9 AI score
Exploits 0
Tenable Nessus
added 2025/08/30 12:00 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2022-28961

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spip Web Framework v3.1.13 and below was discovered to contain multiple SQL injection vulnerabilities at /ecrire via the liertrad and where parameters...

8.8 CVSS · 8.1 AI score · 0.01515 EPSS
Exploits 1 · References 2
Packet Storm News
added 2025/08/25 12:00 a.m. · 3 views

WhatWeb Scanner 0.6.2

WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognize something different...

7.6 AI score
Exploits 0
GithubExploit
added 2025/08/22 7:04 p.m. · 111 views

Exploit for CVE-2025-55575

It is an offensive tool for web exploitation. This repository co...

9.8 CVSS · 8.7 AI score · 0.00416 EPSS
Exploits 1
Tenable Nessus
added 2025/08/19 12:00 a.m. · 5 views

Linux Distros Unpatched Vulnerability : CVE-2025-24070

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Weak authentication in ASP.NET Core & Visual Studio allows an unauthorized attacker to elevate privileges over a network. (CVE-2025-24070) Note that Nessus relies...

7 CVSS · 7.1 AI score · 0.00911 EPSS
Exploits 1 · References 2
Tenable Nessus
added 2025/08/18 12:00 a.m. · 4 views

Linux Distros Unpatched Vulnerability : CVE-2022-28959

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple cross-site scripting (XSS) vulnerabilities in the component /spip.php of Spip Web Framework v3.1.13 and below allows attackers to execute arbitrary web...

6.1 CVSS · 6.1 AI score · 0.01462 EPSS
Exploits 1 · References 2
Positive Technologies
added 2025/08/15 12:00 a.m. · 3 views

PT-2025-33494 · Astro · Astro

Name of the Vulnerable Software and Affected Versions: Astro versions prior to 9.4.1 Description: Astro is a web framework for content-driven websites. An open redirect vulnerability exists in certain Astro deployment scenarios. Specifically, when using the Node deployment adapter in standalone...

6.9 CVSS · 7.1 AI score · 0.00534 EPSS
Exploits 0 · References 8
NVD
added 2025/08/06 12:15 a.m. · 6 views

CVE-2025-54801

Fiber is an Express inspired web framework written in Go. In versions 2.52.8 and below, when using Fiber's Ctx.BodyParser to parse form data containing a large numeric key that represents a slice index (e.g., test.18446744073704), the application crashes due to an out-of-bounds slice allocation in...

8.7 CVSS · 0.00331 EPSS
Exploits 0 · References 2
Vulnrichment
added 2025/08/05 11:33 p.m. · 4 views

CVE-2025-54801 Fiber Susceptible to Crash via `BodyParser` Due to Unvalidated Large Slice Index in Decoder

Fiber is an Express inspired web framework written in Go. In versions 2.52.8 and below, when using Fiber's Ctx.BodyParser to parse form data containing a large numeric key that represents a slice index (e.g., test.18446744073704), the application crashes due to an out-of-bounds slice allocation in...

8.7 CVSS · 6.4 AI score · 0.00331 EPSS
Exploits 0 · References 2
BDU FSTEC
added 2025/07/11 12:00 a.m. · 1 view

The vulnerability of the multipart/form-data component in the web framework and the asynchronous networking library Tornado, which allows a hacker to trigger a service failure

The vulnerability of the multipart/form-data component of the web framework and the asynchronous networking library Tornado is related to the use of incorrect authentication tokens due to unlimited resource distribution. Exploiting this vulnerability can allow a malicious actor to cause service...

7.8 CVSS · 7.1 AI score · 0.00636 EPSS
Exploits 0 · References 12 · Affected Software 5
CNNVD
added 2025/07/08 12:00 a.m. · 2 views

Microsoft ASP.NET Core security vulnerability

Microsoft ASP.NET Core is a framework of cross-platform open source framework from Microsoft Corporation USA. The framework is used to build cloud-based applications such as web applications, Internet of Things applications, and mobile backends. A security vulnerability exists in Microsoft ASP.NE...

7 CVSS · 7 AI score · 0.00911 EPSS
Exploits 1 · References 3
IBM Security Bulletins
added 2025/07/07 6:11 p.m. · 4 views

Security Bulletin: IBM watsonx Orchestrate Cartridge affected by vulnerability in express-4.18.1.tgz

Summary IBM watsonx Orchestrate Cartridge contains a vulnerable version of express-4.18.1.tgz Vulnerability Details CVEID:CVE-2024-43796 DESCRIPTION: Express.js minimalist web framework for node. In express 4.20.0, passing untrusted user input - even after sanitizing it - to response.redirect may...

5 CVSS · 6.6 AI score · 0.00458 EPSS
Exploits 0 · Affected Software 1
GithubExploit
added 2025/06/28 7:53 p.m. · 79 views

Simple-Hospital-Management-System-in-Python-CodeAstro-Patients-Stored-XSS

It is an offensive tool for web application. This repository con...

5.6 AI score
Exploits 0
Fedora
added 2025/06/19 2:00 a.m. · 6 views

[SECURITY] Fedora 42 Update: python-django5-5.2.2-1.fc42

Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself) principle...

5.3 CVSS · 5.3 AI score · 0.13969 EPSS
Exploits 0