EUVD-2025-4079

Malicious code in bioql PyPI...

EUVD-2024-34041

Malicious code in bioql PyPI...

EUVD-2024-37287

Malicious code in bioql PyPI...

EUVD-2025-16906

Malicious code in bioql PyPI...

EUVD-2022-4797

Malicious code in bioql PyPI...

EUVD-2023-28808

Malicious code in bioql PyPI...

EUVD-2022-42611

Malicious code in bioql PyPI...

EUVD-2022-44554

Malicious code in bioql PyPI...

EUVD-2023-30097

Malicious code in bioql PyPI...

EUVD-2022-40797

Malicious code in bioql PyPI...

EUVD-2023-1663

Malicious code in bioql PyPI...

EUVD-2024-25264

Malicious code in bioql PyPI...

EUVD-2025-22532

Malicious code in bioql PyPI...

EUVD-2022-40779

Malicious code in bioql PyPI...

EUVD-2022-39716

Malicious code in bioql PyPI...

GHSA-HG3J-6PMH-MVJR Fiora chat user avatar is vulnerable to XSS via SVG files

Cross Site Scripting XSS vulnerability in Fiora chat application 1.0.0 allows arbitrary JavaScript execution when malicious SVG files are rendered by other users...

CVE-2025-56514

Cross Site Scripting XSS vulnerability in Fiora chat application 1.0.0 allows executes arbitrary JavaScript when malicious SVG files are rendered by other users...

CVE-2025-56514

Cross Site Scripting XSS vulnerability in Fiora chat application 1.0.0 allows executes arbitrary JavaScript when malicious SVG files are rendered by other users...

CVE-2025-56515

CVE-2025-56515 affects Fiora chat application 1.0.0. The issue is in the user avatar SVG upload: content is not validated, allowing SVGs with foreignObject, iframe elements and JavaScript event handlers (e.g., onmouseover) to be uploaded and stored. When rendered, these SVGs execute arbitrary Jav...

PT-2025-40285

Name of the Vulnerable Software and Affected Versions Codazon Magento Themes versions 1.1.0.0 through 2.4.7 Description A reflected cross-site scripting XSS issue exists in Codazon Magento Themes. This allows attackers to execute arbitrary Javascript within a user's browser by injecting a crafted...