EUVD-2025-6696

Malicious code in bioql PyPI...

EUVD-2022-50872

Malicious code in bioql PyPI...

PT-2025-31862 · Boquan · Boquan Dotwallet App

Name of the Vulnerable Software and Affected Versions: Boquan DotWallet App version 2.15.2 Description: A vulnerability exists in the Boquan DotWallet App that is due to improper export of android application components within the AndroidManifest.xml file of the com.boquanhash.dotwallet component...

CVE-2025-8512 TVB Big Big Shop App hk.com.tvb.bigbigshop AndroidManifest.xml improper export of android application components

A vulnerability, which was classified as problematic, has been found in TVB Big Big Shop App 2.9.0 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component hk.com.tvb.bigbigshop. The manipulation leads to improper export of android application...

CVE-2025-8210

A vulnerability was found in Yeelink Yeelight App up to 3.5.4 on Android. It has been classified as problematic. Affected is an unknown function of the file AndroidManifest.xml of the component com.yeelight.cherry. The manipulation leads to improper export of android application components...

CVE-2024-34654

Improper Export of android application component in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access files with My Files' privilege...

CVE-2024-34654

Improper Export of android application component in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access files with My Files' privilege...

Argo CD Cross-Site Scripting Vulnerability

Argo CD is a software application. A declarative GitOps continuous delivery tool for Kubernetes. It continuously monitors running applications and compares the current live state with the desired target state e.g., configuration in a Git repository, automatically synchronizing and deploying...

CVE-2023-49344

Temporary data passed between application components by Budgie Extras Window Shuffler applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present...

CVE-2023-49342

Temporary data passed between application components by Budgie Extras Clockworks applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false...

The vulnerability of the CMPapp component in CODESYS software products allows a hacker to trigger a service failure.

The vulnerability of the CMPapp component in CODESYS software products is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

The vulnerability of the sub-component “Application” within the Oracle Financial Services Behavior Detection Platform of the banking analytics system’s simulation model. This vulnerability allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the sub-component “Application” within the Oracle Financial Services Behavior Detection Platform of a bank analytics system’s simulation model involves insufficient validation of input data. Exploiting this vulnerability could allow an attacker operating remotely to gain...

PT-2023-13991 · Tibco Software · Tibco Product/Service Catalog +1

Name of the Vulnerable Software and Affected Versions: TIBCO EBX versions 5.9.21 and below TIBCO EBX versions 6.0.11 and below TIBCO Product and Service Catalog powered by TIBCO EBX versions 1.2.0 and below Description: The Web Application component of TIBCO Software Inc.'s TIBCO EBX and TIBCO...

CVE-2019-5326

An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform. This is possible due to the ability to overwrite a file on disk which is subsequently deserialized by the Java application component...

The vulnerability of the Oracle Application component, DBA of the Oracle Database Server system, allows a hacker to gain access to modify, add, delete data, or cause service failures.

The vulnerability of the Oracle Application component, specifically the DBA component of the Oracle Database Server, is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to modify, add, or delete data, or cause service interruptions...

Samsung A5 Access Control Error Vulnerability

The Samsung A5 is a smartphone from the South Korean company Samsung Samsung. An access control error vulnerability exists in the Samsung A5. The vulnerability stems from the network system or product not properly restricting access to resources from unauthorized roles. An attacker could exploit...

[SYSS-2014-011] FancyFon FAMOC - Cross-Site Scripting

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2014-011 Products: FAMOC Vendor: FancyFon Affected Versions: 3.16.5 Tested Versions: 3.16.5 Vulnerability Type: Cross-Site Scripting CWE-79 Risk Level: Medium Solution Status: Fixed Vendor Notification: 2014-12-19 Solution Date:...

Altiris Deployment Solution < 6.9.176 Multiple Vulnerabilities

The version of the Altiris Deployment Solution installed on the remote host reportedly is affected by several issues : - A SQL injection vulnerability that could allow a user to run arbitrary code CVE-2008-2286. - A remote attacker may be able to obtain encrypted Altiris Deployment Solution domai...