15 matches found
CVE-2020-10922
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists within the EA-HTTP.exe process. The issu...
EUVD-2021-1099
Malware in sbrugna...
EUVD-2024-3189
Malicious code in bioql PyPI...
EUVD-2025-16449
Malicious code in bioql PyPI...
EUVD-2023-24401
Malicious code in bioql PyPI...
BIT-GITLAB-2025-4700 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 18.0.5, 18.1 before 18.1.3, and 18.2 before 18.2.1 that, under specific circumstances, could have potentially allowed a successful attacker to trigger unintended content rendering leading to XSS...
PT-2025-22979 · Weidmueller · Ie-Sw-Pl10M-3Gt-7Tx +12
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: An unauthenticated remote attacker can exploit insufficient input validation to write data beyond the bounds of a buffer, potentially leading to a denial-of-service condition for the devices...
Linux Distros Unpatched Vulnerability : CVE-2018-10922
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An input validation flaw exists in ttembed. With a crafted input file, an attacker may be able to trigger a denial of service condition due to ttembed trusting...
PT-2025-3872 · Reggie · Reggie
Name of the Vulnerable Software and Affected Versions: reggie version 1.0 Description: A critical vulnerability has been found in the function download of the file src/main/java/com/itheima/reggie/controller/CommonController.java. The manipulation of the name argument leads to path traversal. It ...
CVE-2024-3513 Ultimate Blocks – WordPress Blocks Plugin <= 3.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via title tag attribute
The Ultimate Blocks – WordPress Blocks Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the title tag postTitleTag parameter in all versions up to, and including, 3.1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
CVE-2024-5092 Elegant Addons for elementor <= 1.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Switcher, Slider, and Iconbox Widgets
The Elegant Addons for elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Switcher, Slider, and Iconbox widgets in all versions up to, and including, 1.0.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...
SUSE CVE-2020-28601
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef2/PMioparser.h PMioparser::readvertex Faceof OOB read. An attacker can provide malicious input to trigger this vulnerability...
PT-2023-19086 · Unknown · Go-Bitfield
Name of the Vulnerable Software and Affected Versions: go-bitfield affected versions not specified Description: The issue arises when untrusted user input is fed into the size parameter of NewBitfield and FromBytes functions, allowing an attacker to trigger panics. This occurs when the size is no...
Emerson GE Automation Proficy Machine Input Validation Error Vulnerability
Emerson GE Automation Proficy Machine Edition is an application of emerson Inc. an automation solution. An automation solution, an input validation error vulnerability exists in Emerson GE Automation Proficy Machine due to incorrect input validation in Emerson GE Automation Proficy Machine Editio...
kernel: crypto: privilege escalation in skcipher_recvmsg function
A flaw was found in the Linux kernel's skcipher component, which affects the skcipherrecvmsg function. Attackers using a specific input can lead to a privilege escalation...