EUVD-2021-30249

Malicious code in bioql PyPI...

EUVD-2022-50828

Malicious code in bioql PyPI...

EUVD-2022-41701

Malicious code in bioql PyPI...

EUVD-2022-27166

Malicious code in bioql PyPI...

EUVD-2024-40344

Malicious code in bioql PyPI...

EUVD-2024-28029

Malicious code in bioql PyPI...

EUVD-2021-28406

Malicious code in bioql PyPI...

EUVD-2023-40018

Malicious code in bioql PyPI...

EUVD-2025-2290

Malicious code in bioql PyPI...

CVE-2025-3770

EDK2 contains a vulnerability in BIOS where an attacker may cause “Protection Mechanism Failure” by local access. Successful exploitation of this vulnerability will lead to arbitrary code execution and impact Confidentiality, Integrity, and Availability...

Advisory ROSA-SA-2025-2926

software: yelp 42.2 WASP: ROSA-CHROME unaffected versions = yelp-42.2-2 affected versions yelp-42.2-2 CVE-ID: CVE-2025-3155 BDU-ID: 2025-03944 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Yelp help system is related to the inclusion of features from an invalid controlled scope when processing...

CVE-2025-8655

CVE-2025-8655 affects Kenwood DMX958XR devices, specifically the libSystemLib component. The vulnerability stems from improper validation of a user-supplied string during the firmware update process, which is used to invoke a system call. An attacker with physical access can exploit this to execu...

KLA86360 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Implementation vulnerability can be exploited to cause denial o...

CVE-2025-50706

An issue in thinkphp v.5.1 allows a remote attacker to execute arbitrary code via the routecheck function...

CVE-2025-53078

Samsung DMS (Data Management Server) is affected by CVE-2025-53078 due to deserialization of untrusted data, enabling attackers to execute arbitrary code by writing files to the system. Affected component is the Samsung DMS data management server; root cause is untrusted data deserialization that...

CVE-2025-53078

Deserialization of Untrusted Data in Samsung DMSData Management Server allows attackers to execute arbitrary code via write file to system...

CVE-2025-54414

CVE-2025-54414 affects TecharoHQ Anubis Web AI Firewall Utility (versions 1.21.2 and earlier). The vulnerability arises from malicious pass-challenge pages that can cause a user to execute arbitrary JavaScript or trigger nonstandard URL schemes via the PassChallenge flow, specifically the route /...

CVE-2025-54082

marshmallow-packages/nova-tiptap is a rich text editor for Laravel Nova based on tiptap. Prior to 5.7.0, a vulnerability was discovered in the marshmallow-packages/nova-tiptap Laravel Nova package that allows unauthenticated users to upload arbitrary files to any Laravel disk configured in the...

CVE-2025-6377

Rockwell Automation Arena® has an input handling vulnerability where crafted DOE files can cause out-of-bounds writes, enabling remote code execution. Exploitation requires user interaction (opening a malicious file) and could execute arbitrary code in the administrator context, per the CVSS/ADRs...

IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...