CVE-2024-27890

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...

PT-2026-45701

Name of the Vulnerable Software and Affected Versions OpenShift affected versions not specified Description The Route OpenShift resource enables pods to be reachable at a subdomain via HAProxy. Insufficient validation of the spec.path YAML stanza in a Route document allows for controlled injectio...

PT-2026-40726

Name of the Vulnerable Software and Affected Versions SiYuan versions prior to 3.7.0 Description The endpoint "/api/tag/getTag" is registered using only the model.CheckAuth middleware, missing the model.CheckAdminRole and model.CheckReadonly checks. This allows any authenticated user, including...

CVE-2026-23819

A vulnerability in the web-based management interface of Access Points running AOS-10 and AOS-8 Instant could allow an unauthenticated remote attacker to execute arbitrary JavaScript code in a victim's browser within the same local network. Successful exploitation could allow an attacker to...

EUVD-2026-17961

Tina is a headless content management system. Prior to version 2.2.2, a path traversal vulnerability in @tinacms/graphql allows unauthenticated users to write and overwrite arbitrary files within the project root. This is achieved by manipulating the relativePath parameter in GraphQL mutations. T...

EUVD-2026-17877

A local file inclusion vulnerability in the upload/download flow of the VertiGIS FM application allows authenticated attackers to read arbitrary files from the server by manipulating a file's path during its upload. When the file is subsequently downloaded, the file in the attacker controlled pat...

CVE-2025-66001 NeuVector OpenID Connect is vulnerable to man-in-the-middle (MITM)

NeuVector supports login authentication through OpenID Connect. However, the TLS verification which verifies the remote server's authenticity and integrity for OpenID Connect is not enforced by default. As a result this may expose the system to man-in-the-middle MITM attacks...

GHSA-XMQ3-Q5PM-RP26 Nuxt DevTools vulnerable to cross-site scripting (XSS)

A vulnerability in Nuxt DevTools has been fixed in version 2.6.4. This issue may have allowed Nuxt auth token extraction via XSS under certain configurations. All users are encouraged to upgrade...

EUVD-2018-2955

Malware in sbrugna...

EUVD-2008-6982

Malware in sbrugna...

EUVD-2007-1181

Malware in sbrugna...

EUVD-2000-0855

Malware in sbrugna...

EUVD-2020-17919

Malware in sbrugna...

PT-2025-40984

Name of the Vulnerable Software and Affected Versions versions prior to 2025-3719 Description An access control issue exists in the Command Line Interface CLI functionality. A specific access restriction is not properly enforced for users with limited privileges. This allows an authenticated user...

EUVD-2022-34349

Malicious code in bioql PyPI...

EUVD-2024-49621

Malicious code in bioql PyPI...

EUVD-2022-3983

Malicious code in bioql PyPI...

EUVD-2024-36946

Malicious code in bioql PyPI...

EUVD-2021-9818

Malicious code in bioql PyPI...

EUVD-2021-9874

Malicious code in bioql PyPI...