Effect Monorepo 竞争条件问题漏洞

Effect Monorepo is a functional framework developed by Effect Open Source for building TypeScript applications. Versions of Effect Monorepo prior to 3.20.0 contained a race condition vulnerability, which was caused by context confusion in RpcServer.toWebHandler, potentially allowing access to the...

io.vertx/vertx-core: static handler component cache can be manipulated to deny the access to static files

A flaw was found in Vert.x. The Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URIs, preventing legitimate users from accessing static files with an HTTP 404 response...

EUVD-2026-11513

A vulnerability was identified in Tenda W3 1.0.0.32204. This vulnerability affects the function formexeCommand of the file /goform/exeCommand of the component HTTP Handler. Such manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be performed from remote. Th...

CVE-2026-3974 Tenda W3 HTTP exeCommand formexeCommand stack-based overflow

A vulnerability was identified in Tenda W3 1.0.0.32204. This vulnerability affects the function formexeCommand of the file /goform/exeCommand of the component HTTP Handler. Such manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be performed from remote. Th...

CVE-2026-2711

A vulnerability has been found in zhutoutoutousan worldquant-miner up to 1.0.9. The impacted element is an unknown function of the file worldquant-miner-master/agent-dify-api/core/helper/ssrfproxy.py of the component URL Handler. The manipulation of the argument makerequest leads to server-side...

CVE-2026-2141

A security flaw has been discovered in WuKongOpenSource WukongCRM up to 11.3.3. This affects an unknown part of the file gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java of the component URL Handler. Performing a manipulation results in improper authorization...

EUVD-2002-1420

Malware in sbrugna...

EUVD-2002-1421

Malware in sbrugna...

EUVD-2018-12012

Malware in sbrugna...

EUVD-2025-26137

Malicious code in bioql PyPI...

EUVD-2025-29232

Malicious code in bioql PyPI...

CVE-2025-9580

A security vulnerability has been detected in LB-LINK BL-X26 1.2.8. This affects an unknown function of the file /goform/setblacklist of the component HTTP Handler. Such manipulation of the argument mac leads to os command injection. The attack can be launched remotely. The exploit has been...

CVE-2025-9579

A weakness has been identified in LB-LINK BL-X26 1.2.8. The impacted element is an unknown function of the file /goform/sethidessidcfg of the component HTTP Handler. This manipulation of the argument enable causes os command injection. The attack can be initiated remotely. The exploit has been ma...

CVE-2025-9580 LB-LINK BL-X26 HTTP set_blacklist os command injection

A security vulnerability has been detected in LB-LINK BL-X26 1.2.8. This affects an unknown function of the file /goform/setblacklist of the component HTTP Handler. Such manipulation of the argument mac leads to os command injection. The attack can be launched remotely. The exploit has been...

PT-2025-3052

Name of the Vulnerable Software and Affected Versions visionOS versions prior to 2.2 tvOS versions prior to 18.2 Safari versions prior to 18.2 watchOS versions prior to 11.2 iOS versions prior to 18.2 iPadOS versions prior to 18.2 macOS Sequoia versions prior to 15.2 Description The issue is...

CVE-2023-43206

D-LINK DWL-6610 FWv4.3.0.8B003C was discovered to contain a command injection vulnerability in the function webcertdownloadhandler. This vulnerability allows attackers to execute arbitrary commands via the certDownload parameter...

PT-2023-26457 · Unknown · Moosocial Moodating

Name of the Vulnerable Software and Affected Versions: mooSocial mooDating version 1.2 Description: A problematic vulnerability was found in the URL Handler component, affecting unknown code of the file /users. This issue leads to cross site scripting and can be initiated remotely. Recommendation...

WEKA INTEREST Security Scanner 安全漏洞

WEKA INTEREST Security Scanner is a commonly used software for data exploration by the University of Waikato team in New Zealand. A security vulnerability exists in WEKA INTEREST Security Scanner version 1.8 HTTP Handler, which results in a denial of service when processing certain unknown inputs...

Delta Electronics DIAEnergie SQL注入漏洞

Delta Electronics DIAEnergie is an industrial energy management system used to monitor and analyze energy consumption in real time, calculate energy consumption and load characteristics, optimize equipment performance, improve production processes, and maximize energy efficiency.Delta Electronics...

Multiple IBM Products Arbitrary File Read Vulnerability

IBM SAN Volume Controller SVC, built with IBM Spectrum Storage software, is a reliable system that helps improve the data value, security and ease of use of new and existing storage infrastructures.The IBM Storwize product family provides all-flash, hybrid storage solutions with common features a...