195 matches found
CVE-2026-10510
Cross-Site Scripting (XSS) in GeniexWebView component in Transsion AI Assistant Lifestyle application (com.transsion.aiassistantlifestyle), all versions, on Android allows remote attacker to execute arbitrary JavaScript in the WebView context via crafted webactiondata URL parameter...
Astra Linux - vulnerability in libfcgi
FastCGI’s fcgi2, also known as fcgi, versions from 2.2 through 2.4.4 have an integer overflow vulnerability, which can lead to a heap-based buffer overflow when crafted nameLen or valueLen values are passed to the IPC socket. This issue occurs in the ReadParams function in the fcgiapp.c file...
EUVD-2026-29436
A vulnerability has been identified in Solid Edge SE2026 All versions V226.0 Update 5. The affected applications contain a stack based overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process...
CVE-2026-30352
A remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl autocoder commit 79d02a allows attackers to execute arbitrary code via providing a crafted command parameter...
CVE-2021-4473 Tianxin Internet Behavior Management System Command Injection via toQuery.php
Tianxin Internet Behavior Management System contains a command injection vulnerability in the Reporter component endpoint that allows unauthenticated attackers to execute arbitrary commands by supplying a crafted objClass parameter containing shell metacharacters and output redirection. Attackers...
UBUNTU-CVE-2025-11687
A flaw was found in gi-docgen. This vulnerability allows arbitrary JavaScript execution in the context of the page — enabling DOM access, session cookie theft and other client-side attacks — via a crafted URL that supplies a malicious value to the q GET parameter (reflected DOM XSS)...
CVE-2026-21663
HackerOne community member Patrick Lang 7yr has reported a reflected XSS vulnerability in the banner-acl.php script of Revive Adserver. An attacker can craft a specific URL that includes an HTML payload in a parameter. If a logged in administrator visits the URL, the HTML is sent to the browser a...
CVE-2025-13819 Open redirect in web server of MiR robots and MiR fleet
Open redirect in the web server component of MiR Robot and Fleet software allows a remote attacker to redirect users to arbitrary external websites via a crafted parameter, facilitating phishing or social engineering attacks...
Deserialization of Untrusted Data
Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the ViewModel functionality. An authenticated attacker can execute arbitrary code with application privileges by supplying crafted data through user-controllable URL parameters. Details Serializatio...
CVE-2025-62248
A reflected cross-site scripting (XSS) vulnerability, resulting from a regression, has been identified in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 through 2025.Q2.9, 2025.Q1.0 through 2025.Q1.16, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through...
EUVD-2009-3096
Malware in sbrugna...
EUVD-2018-3263
Malware in sbrugna...
EUVD-2006-2883
Malware in sbrugna...
EUVD-2014-8593
Malware in sbrugna...
EUVD-2015-4229
Malware in sbrugna...
EUVD-2016-7597
Malware in sbrugna...
EUVD-2018-18280
Malware in sbrugna...
EUVD-2013-0318
Malware in sbrugna...
EUVD-2013-1678
Malware in sbrugna...
EUVD-2013-1153
Malware in sbrugna...