689 matches found
PT-2026-25293
CVE-2026-32449 Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themifyme Themify Event Post themify-event-post allows Stored XSS.This issue affects Themify Eve... https://t.co/ruoArIkzNw...
CVE-2020-37114
GUnet OpenEclass 1.7.3 allows unauthenticated and authenticated users to access sensitive information, including system information, application version, and other students' uploaded assessments, due to improper access controls and information disclosure flaws in various modules. Attackers can...
CVE-2020-37114
GUnet OpenEclass 1.7.3 allows unauthenticated and authenticated users to access sensitive information, including system information, application version, and other students' uploaded assessments, due to improper access controls and information disclosure flaws in various modules. Attackers can...
EUVD-2020-30981
GUnet OpenEclass 1.7.3 allows unauthenticated and authenticated users to access sensitive information, including system information, application version, and other students' uploaded assessments, due to improper access controls and information disclosure flaws in various modules. Attackers can...
CVE-2020-37114 GUnet OpenEclass 1.7.3 E-learning platform - Information Disclosure
GUnet OpenEclass 1.7.3 allows unauthenticated and authenticated users to access sensitive information, including system information, application version, and other students' uploaded assessments, due to improper access controls and information disclosure flaws in various modules. Attackers can...
CVE-2025-66837
A file upload vulnerability in ARIS 10.0.23.0.3587512 allows attackers to execute arbitrary code via uploading a crafted PDF file/Malware...
CVE-2024-2624
A path traversal and arbitrary file upload vulnerability exists in the parisneo/lollms-webui application, specifically within the @router.get"/switchpersonalpath" endpoint in ./lollms-webui/lollmscore/lollms/server/endpoints/lollmsuser.py. The vulnerability arises due to insufficient sanitization...
CVE-2025-53398
The Portrait Dell Color Management application 3.3.8 for Dell monitors has Insecure Permissions,...
CVE-2025-61114
2nd Line Android App version v1.2.92 and before package name com.mysecondline.app, developed by AutoBizLine, Inc., contains an improper access control vulnerability in its authentication mechanism. The server only validates the first character of the usertoken, enabling attackers to brute force...
CVE-2025-56799
Reolink desktop application 8.18.12 contains a command injection vulnerability in its scheduled cache-clearing mechanism via a crafted folder name. NOTE: this is disputed by the Supplier because a crafted folder name would arise only if the local user were attacking himself...
EUVD-2019-0111
Malware in sbrugna...
EUVD-2019-11503
Malware in sbrugna...
EUVD-2023-37456
Malicious code in bioql PyPI...
EUVD-2025-6059
Malicious code in bioql PyPI...
EUVD-2024-23541
Malicious code in bioql PyPI...
EUVD-2025-6061
Malicious code in bioql PyPI...
EUVD-2024-2044
Malicious code in bioql PyPI...
EUVD-2025-6033
Malicious code in bioql PyPI...
EUVD-2025-6081
Malicious code in bioql PyPI...
EUVD-2025-23463
Malicious code in bioql PyPI...