CVE-2026-8233

A vulnerability was determined in Dotouch XproUPF 2.0.0-release-088aa7c4. Affected is an unknown function of the component UPF. This manipulation causes improper access controls. A high degree of complexity is needed for the attack. The exploitability is told to be difficult. The vendor was...

vulnswarm

VulnSwarm AI-powered vulnerability discovery using multi-agen...

CVE-2026-5473

A vulnerability has been found in NASA cFS up to 7.0.0. The impacted element is the function pickle.load of the component Pickle Module. Such manipulation leads to deserialization. The attack needs to be performed locally. The attack requires a high level of complexity. The exploitability is...

EUVD-2021-26980

Malware in sbrugna...

EUVD-2025-16977

Malicious code in bioql PyPI...

EUVD-2024-16506

Malicious code in bioql PyPI...

EUVD-2025-23583

Malicious code in bioql PyPI...

EUVD-2023-57480

Malicious code in bioql PyPI...

CVE-2025-9514

A vulnerability has been found in macrozheng mall up to 1.0.3. This impacts an unknown function of the component Registration. Such manipulation leads to weak password requirements. The attack can be executed remotely. Attacks of this nature are highly complex. The exploitability is said to be...

PT-2025-28841 · Fnkvision · Fnkvision Fnk-Gu2

Name of the Vulnerable Software and Affected Versions: FNKvision FNK-GU2 versions through 40.1.7 Description: A vulnerability has been identified in FNKvision FNK-GU2. The issue involves a problematic functionality related to the file /rom/wpa supplicant.conf, leading to the cleartext storage of...

CVE-2025-7080

A vulnerability, which was classified as problematic, was found in Done-0 Jank up to 322caebbad10568460364b9667aa62c3080bfc17. Affected is an unknown function of the file internal/utils/jwtutils.go of the component JWT Token Handler. The manipulation of the argument accessSecret/refreshSecret wit...

CVE-2025-7060 Monitorr Installer mkdbajax.php input validation

A vulnerability was found in Monitorr up to 1.7.6m. It has been classified as problematic. This affects an unknown part of the file assets/config/installation/mkdbajax.php of the component Installer. The manipulation of the argument datadir leads to improper input validation. It is possible to...

CVE-2025-6932 D-Link DCS-7517 Qlync Password Generation httpd g_F_n_GenPassForQlync hard-coded password

A vulnerability, which was classified as problematic, was found in D-Link DCS-7517 up to 2.02.0. This affects the function gFnGenPassForQlync of the file /bin/httpd of the component Qlync Password Generation Handler. The manipulation leads to use of hard-coded password. It is possible to initiate...

CVE-2025-6931 D-Link DCS-6517/DCS-7517 Root Password Generation httpd generate_pass_from_mac entropy

A vulnerability classified as problematic was found in D-Link DCS-6517 and DCS-7517 up to 2.02.0. Affected by this vulnerability is the function generatepassfrommac of the file /bin/httpd of the component Root Password Generation Handler. The manipulation leads to insufficient entropy. The attack...

CVE-2025-5889

The CVE-2025-5889 entry concerns juliangruber brace-expansion prior to 4.0.1. The vulnerability affects the expand function in index.js, causing inefficient regular expression complexity. It may be exploitable remotely and exploitation is described as difficult but publicly disclosed. Upgrading t...

CVE-2025-5641

A flaw was found in radare2. The rconsisbreaked function in libr/cons/cons.c experiences memory corruption due to improper handling of the -T argument, leading to potential crashes. This flaw allows a local attacker to provide maliciously crafted input, possibly resulting in a denial of service...

CVE-2025-3984

A vulnerability was found in Apereo CAS 5.2.6 and classified as critical. Affected by this issue is the function saveService of the file cas-5.2.6\webapp-mgmt\cas-management-webapp-support\src\main\java\org\apereo\cas\mgmt\services\web\RegisteredServiceSimpleFormController.java of the component...

CVE-2025-2153 HDF5 h5 File H5SM.c H5SM_delete heap-based overflow

A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SMdelete of the file H5SM.c of the component h5 File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The complexity of an attack is...

CVE-2025-2093

A vulnerability was found in PHPGurukul Online Library Management System 3.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /change-password.php. The manipulation of the argument email/phone number leads to weak password recovery. The...

CVE-2025-1341 PMWeb Setting weak password

A vulnerability, which was classified as problematic, was found in PMWeb 7.2.0. This affects an unknown part of the component Setting Handler. The manipulation leads to weak password requirements. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The...