EUVD-2023-43086

Malicious code in bioql PyPI...

EUVD-2025-3682

Malicious code in bioql PyPI...

EUVD-2023-53102

Malicious code in bioql PyPI...

EUVD-2023-43090

Malicious code in bioql PyPI...

EUVD-2023-43089

Malicious code in bioql PyPI...

EUVD-2024-40252

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-24368

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source performance and fault management framework. Some of the data stored in automationtreerules.php is not thoroughly checked and is used to...

Linux Distros Unpatched Vulnerability : CVE-2024-43365

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source performance and fault management framework. Theconsolenewsection parameter is not properly sanitized when saving external links in...

CVE-2025-24368

Cacti is an open source performance and fault management framework. Some of the data stored in automationtreerules.php is not thoroughly checked and is used to concatenate the SQL statement in buildruleitemfilter function from lib/apiautomation.php, resulting in SQL injection. This vulnerability ...

CVE-2025-24367

Cacti is an open source performance and fault management framework. An authenticated Cacti user can abuse graph creation and graph template functionality to create arbitrary PHP scripts in the web root of the application, leading to remote code execution on the server. This vulnerability is fixed...

CVE-2024-45598

Cacti is an open source performance and fault management framework. Prior to 1.2.29, an administrator can change the Poller Standard Error Log Path parameter in either Installation Step 5 or in Configuration-Settings-Paths tab to a local file inside the server. Then simply going to Logs tab and...

SUSE CVE-2024-43362

Cacti is an open source performance and fault management framework. The fileurl parameter is not properly sanitized when saving external links in links.php . Morever, the said fileurl is placed in some html code which is passed to the print function in link.php and index.php, finally leading to...

CVE-2023-49088

Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in...

CVE-2023-50250

Cacti is an open source operational monitoring and fault management framework. A reflection cross-site scripting vulnerability was discovered in version 1.2.25. Attackers can exploit this vulnerability to perform actions on behalf of other users. The vulnerability is found in templatesimport.php...

CVE-2023-49084

Cacti is a robust performance and fault management framework and a frontend to RRDTool - a Time Series Database TSDB. While using the detected SQL Injection and insufficient processing of the include file path, it is possible to execute arbitrary code on the server. Exploitation of the...

DEBIAN-CVE-2023-39515

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti accounts an...

UBUNTU-CVE-2023-39360

Cacti is an open source operational monitoring and fault management framework.Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability allows an authenticated user to poison data. The vulnerability is found in graphsnew.php. Several validations are performed, but the...