169 matches found
Security Bulletin:Lodash Prototype Pollution Vulnerability in Versions 4.0.0-4.17.22
Summary Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the .unset and .omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes. The issue permits deletion of properties but does not allow overwriting their...
Oracle多款产品 安全漏洞
Oracle Java SE, among others, are products of Oracle Corporation in the United States. Oracle Java SE is used for developing and deploying Java applications for desktops, servers, embedded devices, and real-time environments. Oracle GraalVM for JDK is a high-performance, multi-language runtime an...
KLA90972 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Incorrect boundary conditions vulnerability in the Graphics can be exploited to cause denia...
PT-2026-28298
Name of the Vulnerable Software and Affected Versions HCL Aftermarket DPC affected versions not specified Description HCL Aftermarket DPC is susceptible to a Cross Domain Script Include issue. An attacker can use external scripts to manipulate the Document Object Model DOM, potentially changing t...
Security Bulletin: IBM webMethods BPM is vulnerable to a denial of service due to kotlin-stdlib
Summary IBM webMethods BPM uses kotlin-stdlib in all Kotlin-based modules to provide core Kotlin language support and runtime utilities. Vulnerability Details CVEID:CVE-2020-29582 DESCRIPTION: In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation...
CVE-2021-22309
There is insecure algorithm vulnerability in Huawei products. A module uses less random input in a secure mechanism. Attackers can exploit this vulnerability by brute forcing to obtain sensitive message. This can lead to information leak. Affected product versions include:USG9500 versions...
CVE-2021-22342
There is an information leak vulnerability in Huawei products. A module does not deal with specific input sufficiently. High privilege attackers can exploit this vulnerability by performing some operations. This can lead to information leak. Affected product versions include: IPS Module versions...
CVE-2025-63680
Nero BackItUp in the Nero Productline is vulnerable to a path parsing/UI rendering flaw CWE-22 that, in combination with Windows ShellExecuteW fallback extension resolution, leads to arbitrary code execution when a user clicks a crafted entry. By creating a trailing-dot folder and placing a...
EUVD-2019-2637
Malware in sbrugna...
EUVD-2020-4171
Malware in sbrugna...
EUVD-2021-24921
Malware in sbrugna...
EUVD-2021-22824
Malware in sbrugna...
EUVD-2020-3087
Malware in sbrugna...
EUVD-2022-26442
Malicious code in bioql PyPI...
EUVD-2022-26410
Malicious code in bioql PyPI...
EUVD-2024-49752
Malicious code in bioql PyPI...
EUVD-2023-43072
Malicious code in bioql PyPI...
EUVD-2024-54599
Malicious code in bioql PyPI...
EUVD-2022-49456
Malicious code in bioql PyPI...
EUVD-2024-22880
Malicious code in bioql PyPI...