EUVD-2025-14741

Malicious code in bioql PyPI...

EUVD-2025-11112

Malicious code in bioql PyPI...

CVE-2025-39449

Missing Authorization vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JetWooBuilder: from n/a through = 2.1.18...

CVE-2025-47564

Missing Authorization vulnerability in ashanjay EventON eventon allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects EventON: from n/a through = 4.9.8...

CVE-2025-27008

Missing Authorization vulnerability in NotFound Unlimited Timeline unlimited-timeline allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Unlimited Timeline: from n/a through 1.6.1...

CVE-2025-31768

CVE-2025-31768 concerns the WordPress plugin Widget Manager Light (OTWthemes). The vulnerability is described as a Missing Authorization issue that allows accessing functionality not properly constrained by ACLs. Affected versions are Widget Manager Light up to and including 1.18 (n/a through

Cisco Secure Email Gateway Privelege Escalation (cisco-sa-esa-sma-wsa-multi-yKUJhS34)

According to its self-reported version, Secure Email Gateway is affected by a vulnerability. - A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance coul...

CVE-2025-20185

CVE-2025-20185 affects Cisco AsyncOS Software (Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance). A vulnerability in the remote access password generation algorithm allows an authenticated, local attacker (with valid administrator credentials) to escalate privile...

CVE-2025-23527

Missing Authorization vulnerability in hemnathmouli WC Wallet wc-wallet allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WC Wallet: from n/a through = 2.2.0...

CVE-2025-23477

Missing Authorization vulnerability in realtyworkstation Realty Workstation realty-workstation allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Realty Workstation: from n/a through = 1.0.45...

Progress Software WhatsUp Gold SessionControler Server-Side Request Forgery Information Disclosure Vulnerability

This vulnerability allows remote attackers to initiate arbitrary server-side requests on affected installations of Progress Software WhatsUp Gold. Authentication is required to exploit this vulnerability. The specific flaw exists within the SessionControler class. The issue results from the lack ...