8 matches found
EUVD-2026-36239
guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Versions prior to 2.10.2 contain improper Host header validation when parsing raw HTTP request messages and when deriving a server request URI from server variables. An attacker can provide a malformed Host header containing U...
EUVD-2017-0636
Malware in sbrugna...
EUVD-2023-3066
Malicious code in bioql PyPI...
EUVD-2022-1021
Malicious code in bioql PyPI...
CVE-2023-32271
An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to a disclosure of sensitive information. An attacker can send a sequence of reques...
CVE-2024-9870
An external service interaction vulnerability in GitLab EE affecting all versions from 15.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send requests from the GitLab server to unintended services...
Arbitrary File Overwrite
github.com/fkie-cad/yapscan is vulnerable to Arbitrary File Overwrite. The vulnerability is due to lack of client authentication and improper server permissions, allowing an attacker to forge requests that overwrite arbitrary files on the host system, potentially leading to data loss...
UBUNTU-CVE-2023-29457
Reflected XSS attacks occur when a malicious script is reflected off a web application to the victim's browser. The script can be activated through Action form fields, which can be sent as a request to a website with a vulnerability that enables execution of malicious scripts...