2221 matches found
EUVD-2022-44430
Malicious code in bioql PyPI...
EUVD-2023-51229
Malicious code in bioql PyPI...
EUVD-2022-27866
Malicious code in bioql PyPI...
EUVD-2025-20432
Malicious code in bioql PyPI...
EUVD-2024-39266
Malicious code in bioql PyPI...
EUVD-2024-31676
Malicious code in bioql PyPI...
EUVD-2023-49966
Malicious code in bioql PyPI...
EUVD-2025-20496
Malicious code in bioql PyPI...
EUVD-2024-15939
Malicious code in bioql PyPI...
EUVD-2025-7190
Malicious code in bioql PyPI...
EUVD-2023-25578
Malicious code in bioql PyPI...
EUVD-2025-30251
Malicious code in bioql PyPI...
CVE-2025-9561 AP Background 3.8.1 - 3.8.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Upload via advParallaxBackAdminSaveSlider Function
The AP Background plugin for WordPress is vulnerable to arbitrary file uploads due to missing authorization and insufficient file validation within the advParallaxBackAdminSaveSlider handler in versions 3.8.1 to 3.8.2. This makes it possible for authenticated attackers, with Subscriber-level acce...
RISC Zero Ethereum Code Injection Vulnerability
RISC Zero Ethereum is a computing platform open-sourced by RISC Zero. RISC Zero Ethereum contains a code injection vulnerability: a host can use a specially crafted response to write to an arbitrary memory location of the guest, which could lead to the execution of...
Linux Distros Unpatched Vulnerability : CVE-2025-59825
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - astral-tokio-tar is a tar archive reading/writing library for async Rust. In versions 0.5.3 and earlier of astral-tokio-tar, tar archives may extract outside of...
Heap-based Buffer Overflow
Overview: Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the OBSmilesParser::ParseSmiles function. An attacker can execute arbitrary code or cause a denial of service by providing specially crafted input to the affected process. Remediation: There is no fixed...
UBUNTU-CVE-2025-57632
libsmb2 6.2+ is vulnerable to Buffer Overflow. When processing SMB2 chained PDUs (NextCommand), libsmb2 repeatedly calls smb2_add_iovector to append to a fixed-size iovec array without checking the upper bound of v->niov (SMB2_MAX_VECTORS=256). An attacker can craft responses with many chained PDUs to...
CVE-2025-57347
A vulnerability exists in the 'dagre-d3-es' Node.js package version 7.0.9, specifically within the 'bk' module's addConflict function, which fails to properly sanitize user-supplied input during property assignment operations. This flaw allows attackers to exploit prototype pollution...
CVE-2025-59825
astral-tokio-tar is a tar archive reading/writing library for async Rust. In versions 0.5.3 and earlier of astral-tokio-tar, tar archives may extract outside of their intended destination directory when using the Entry::unpack_in_raw API. Additionally, the Entry::allow_external_symlinks control which...
CVE-2025-59825
CVE-2025-59825 affects astral-tokio-tar (Rust) up to v0.5.3: tar extraction can escape the target dir via Entry::unpack_in_raw and via a symlink pair that bypasses allow_external_symlinks, potentially enabling arbitrary file writes and code execution. The issue is fixed in v0.5.4; upgrading is re...