EUVD-2022-39480
Malicious code in bioql PyPI...
EUVD-2024-36350
Malicious code in bioql PyPI...
EUVD-2025-18049
Malicious code in bioql PyPI...
EUVD-2022-0676
Malicious code in bioql PyPI...
Apple macOS Tahoe Security Vulnerability
Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...
CVE-2025-50892
The CVE-2025-50892 entry concerns EaseUS Todo Backup 1.2.0.1, where the eudskacs.sys driver (version 20250328) fails to properly validate privileges for I/O requests (IRP_MJ_READ/IRP_MJ_WRITE) sent to its device object. This allows a local, low-privileged attacker to perform arbitrary...
CVE-2025-9566 Podman: podman kube play command may overwrite host files
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file contains a Secret or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...
libp2p nodes vulnerable to attack using large RSA keys
...
Google Android Security Vulnerability
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability caused by a logic error in the VerifyNoToverlapInSessions function in apexd.cpp that results in the blocking of security updates via mainline installation...
Ubuntu: Security Advisory (USN-7732-1)
The remote host is missing an update for the...
PT-2025-35674
Name of the Vulnerable Software and Affected Versions: Camera versions prior to 11.1.02.18; Camera versions prior to 12.1.03.8; Camera versions prior to 13.1.01.4. Description: A missing authorization issue exists in the Camera application. This allows a physical attacker to install a package throug...
Linux Distros Unpatched Vulnerability : CVE-2019-1010091
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization of Input During Web Page Generation. The impact is: JavaScript code execution. The...
CVE-2025-9472
A vulnerability was found in itsourcecode Apartment Management System 1.0. This issue affects some unknown processing of the file /ownerutility/addownerutility.php. The manipulation of the argument ID results in SQL injection. The attack can be executed remotely. The exploit has been made public...
QNAP File Station 5 Code Issue Vulnerability
QNAP Systems File Station 5 is a file management application from QNAP for browsing, uploading, downloading and managing files and folders stored on NAS devices, remote servers or external storage devices. A null pointer dereference vulnerability exists in QNAP Systems File Station 5, which ca...
Google Sign-In for Rails allowed redirect to protocol-relative URI
Summary: It is possible to redirect a user to another origin if the "proceedto" value in the session store is set to a protocol-relative URL. Details: The googlesignin gem persists an optional URL for redirection after authentication. If this URL is set to a protocol-relative URL, it improperly...
GHSA-CXM3-WV7P-598C Malicious versions of Nx were published
Summary: Malicious versions of the nx package, as well as some supporting plugin packages, were published to npm, containing code that scans the file system, collects credentials, and posts them to GitHub as a repo under user's accounts. Immediate Actions Required: For all users, check if you were...
DEBIAN-CVE-2025-54462
A heap-based buffer overflow vulnerability exists in the Nex parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A specially crafted .nex file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability...
FFmpeg Code Issue Vulnerability
FFmpeg is a complete solution for recording, converting, and streaming audio and video from the FFmpeg team. A code issue vulnerability exists in FFmpeg that originates from an attacker being able to force a null pointer to be dereferenced, potentially resulting in a denial of service...
CVE-2025-27129
An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send packets to trigger this vulnerability...
Huawei HarmonyOS and EMUI Race Condition Vulnerability
Huawei EMUI is a mobile operating system developed based on Android. Huawei HarmonyOS is a full-scene distributed operating system based on a microkernel. Huawei HarmonyOS and EMUI have a race condition vulnerability that can be exploited by an...