273 matches found
EUVD-2025-12034
Malicious code in bioql PyPI...
EUVD-2022-41038
Malicious code in bioql PyPI...
CVE-2025-7928 code-projects Church Donation System edit_user.php sql injection
A vulnerability was found in code-projects Church Donation System 1.0 and classified as critical. This issue affects some unknown processing of the file /members/edituser.php. The manipulation of the argument firstname leads to sql injection. The attack may be initiated remotely. The exploit has...
CVE-2025-52882
CVE-2025-52882 affects Claude Code extensions for VSCode (and forks) and Claude Code [Beta] for JetBrains IDEs. An attacker-controlled webpage can trigger unauthorized websocket connections, enabling reading arbitrary files, viewing open files, and extracting IDE events in read/write contexts (e....
CVE-2025-52938
CVE-2025-52938 affects NotepadNext up to v0.11. The vulnerability is an out-of-bounds read in the Lua parser module, specifically the function singlevar() in lparser.c, where a required luaK_exp2anyregup call is missing. This can cause a heap-based buffer over-read when untrusted Lua code is comp...
CVE-2025-49182
Files in the source code contain login credentials for the admin user and the property configuration password, allowing an attacker to get full access to the application...
CVE-2025-5711
A vulnerability, which was classified as critical, was found in code-projects Real Estate Property Management System 1.0. Affected is an unknown function of the file /Admin/InsertCity.php. The manipulation of the argument cmbState leads to sql injection. It is possible to launch the attack...
CVE-2024-12790
A vulnerability was found in code-projects Hostel Management Site 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file room-details.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to...
Secure Coding with AI, from Creation to Inspection
While prior studies have explored security in code generated by ChatGPT and other Large Language Models, they were conducted in controlled experimental settings and did not use code generated or provided from actual developer interactions. This paper not only examines the security of code generat...
CVE-2023-4265
Potential buffer overflow vulnerabilities in the following locations: https://github.com/zephyrproject-rtos/zephyr/blob/main/drivers/usb/device/usbdcnativeposix.cL359 https://github.com/zephyrproject-rtos/zephyr/blob/main/drivers/usb/device/usbdcnativeposix.cL359...
CVE-2025-0781
An attacker can bypass the sandboxing of Nasal scripts and arbitrarily write to any file path that the user has permission to modify at the operating-system level...
ShopXO Code Issues Vulnerabilities
ShopXO is an open source enterprise-level e-commerce system from ShopXO Inc. A code issue exists in ShopXO version 6.1.0 and earlier versions, which is caused by a server-side request forgery vulnerability in the source parameter of the extend/base/Uploader.php file...
Google Android Security Vulnerability
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which is caused by a logic error in code in multiple locations. An attacker can exploit this vulnerability to cause an elevation of privilege...
Supply Chain Security Leaders Collaborate to Help Developers Choose Open-Source
Supply Chain Security Leaders Collaborate to Help Developers Choose Open-Source By Trellix, Checkmarx and Illustria · September 05, 2023 Working together to keep open source safe At the beginning of 2023, top researchers from industry-leading companies established the Supply Chain Attack Research...
_getNextObservationIndex() Random use of timestamp to determine the currentTime can be manipulated because of dangerous strict equalities
Lines of code Vulnerability details Impact The use of strict equalities can be easily manipulated by an attacker. Miners may attempt to manipulate the timestamp. Proof of Concept File: TwabLib.sol Code Link: Code: if newestObservation.timestamp == currentTime File: TwabLib.sol Code Link: Code: if...
K27228191: Node.js vulnerability CVE-2018-7159
Security Advisory Description The HTTP parser in all current versions of Node.js ignores spaces in the Content-Length header, allowing input such as Content-Length: 1 2 to be interpreted as having a value of 12. The HTTP specification does not allow for spaces in the Content-Length value and the...
Introducing new Microsoft Defender for Cloud innovations to strengthen cloud-native protections
Security teams face an expanding attack surface as organizations increasingly use cloud-native services to develop, deploy, and manage applications across their multicloud and hybrid environments. Their challenge is compounded by incomplete visibility, siloed processes, and a lack of prioritized...