CVE-2026-3429

A flaw was identified in the Account REST API of Keycloak that allows a user authenticated at a lower security level to perform sensitive actions intended only for higher-assurance sessions. Specifically, an attacker who has already obtained a victim’s password can delete the victim’s registered...

EUVD-2018-12980

Malware in sbrugna...

EUVD-2022-35218

Malicious code in bioql PyPI...

EUVD-2024-45922

Malicious code in bioql PyPI...

CVE-2023-5650

An improper privilege management vulnerability in the ZySH of the Zyxel ATP series firmware versions 4.32 through 5.37, USG FLEX series firmware versions 4.50 through 5.37, USG FLEX 50W series firmware versions 4.16 through 5.37, USG20W-VPN series firmware versions 4.16 through 5.37, and VPN seri...

CVE-2022-30003

Sourcecodester Online Market Place Site 1.0 is vulnerable to Cross Site Scripting XSS, allowing attackers to register as a Seller then create new products containing XSS payloads in the 'Product Title' and 'Short Description' fields...

Exploit for CVE-2025-31033

⚠️ CVE-2025-31033 - CSRF in WordPress Buddypress Humanity Plug...

CVE-2021-22175

When requests to the internal network for webhooks are enabled, a server-side request forgery vulnerability in GitLab affecting all versions starting from 10.5 was possible to exploit for an unauthenticated attacker even on a GitLab instance where registration is disabled...