17 matches found
EUVD-2025-16202
Malicious code in bioql PyPI...
EUVD-2025-16193
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-31501
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Best Practical RT Request Tracker 5.0 through 5.0.7 allows XSS via JavaScript injection in an RT permalink. CVE-2025-31501 Note that Nessus relies on the presen...
CVE-2025-31500
Best Practical RT Request Tracker 5.0 through 5.0.7 allows XSS via JavaScript injection in an Asset name...
CVE-2025-31501
Best Practical RT Request Tracker 5.0 through 5.0.7 allows XSS via JavaScript injection in an RT permalink...
CVE-2025-31501
Best Practical RT Request Tracker 5.0 through 5.0.7 allows XSS via JavaScript injection in an RT permalink...
CVE-2025-31500
Best Practical RT Request Tracker 5.0 through 5.0.7 allows XSS via JavaScript injection in an Asset name...
Best Practical RT cross-site scripting vulnerability
Best Practical RT is a request tracker from Best Practical, Inc. A cross-site scripting vulnerability exists in Best Practical RT versions 5.0 through 5.0.7, which stems from the injection of JavaScript into RT permalinks, which could lead to cross-site scripting...
Best Practical RT cross-site scripting vulnerability
Best Practical RT is a request tracker from Best Practical, Inc. A cross-site scripting vulnerability exists in Best Practical RT versions 4.4 through 4.4.7 and 5.0 through 5.0.7, which stems from the injection of specially crafted parameters in the search URL that could lead to cross-site...
CVE-2025-31500
Best Practical RT Request Tracker 5.0 through 5.0.7 allows XSS via JavaScript injection in an Asset name...
CVE-2025-31501
Best Practical RT Request Tracker 5.0 through 5.0.7 allows XSS via JavaScript injection in an RT permalink...
CVE-2022-25800
Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via the whois lookup tool...
Server-side request forgery (SSRF)
Best Practical RT for Incident Response (RTIR) before 4.0.3 and 5.x before 5.0.3 allows SSRF via Scripted Action tools...
CVE-2022-25801
Vulnerability: CVE-2022-25801 affects Best Practical RT for Incident Response (RTIR). Affected versions are RTIR < 4.0.3 and RTIR 5.x
CVE-2022-25800
The vulnerability CVE-2022-25800 affects Best Practical RT for Incident Response (RTIR). Affected are RTIR versions before 4.0.3 and RTIR 5.x before 5.0.3, where the whois lookup tool is exploitable to perform server-side requests (SSRF). According to the initial details, the impact is high on co...
DEBIAN-CVE-2011-2085
Multiple cross-site request forgery (CSRF) vulnerabilities in Best Practical Solutions RT before 3.8.12 and 4.x before 4.0.6 allow remote attackers to hijack the authentication of arbitrary users...
Session fixation
Session fixation vulnerability in html/Elements/SetupSessionCookie in Best Practical Solutions RT 3.0.0 through 3.6.9 and 3.8.x through 3.8.5 allows remote attackers to hijack web sessions by setting the session identifier via a manipulation that leverages a second web server within the same doma...