
682 matches found

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2023-2678

Malicious code in bioql PyPI...

CVSS 5.4 | AI score 5.5 | EPSS 0.00559
Exploits: 1 | References: 7

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2024-53621

Malicious code in bioql PyPI...

CVSS 7.5 | AI score 6.6 | EPSS 0.00559
Exploits: 1 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2025-32134

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.5 | EPSS 0.00286
Exploits: 3 | References: 3

OSV
added 2025/10/03 6:15 p.m. | 4 views

AZL-68664 CVE-2025-46817 affecting package compat-lua 5.1.5-17

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to cause an integer overflow and potentially lead to remote code execution. The problem exists in all versions of Redis with Lua scripting...

CVSS 8.8 | AI score 7.5 | EPSS 0.03746
Exploits: 1 | References: 1

OSV
added 2025/10/02 2:15 p.m. | 5 views

CVE-2025-56380

Frappe Framework v15.72.4 was discovered to contain a SQL injection vulnerability via the fieldname parameter in the frappe.client.getvalue API endpoint and a crafted script to the fieldname parameter...

CVSS 6.5 | AI score 8.4 | EPSS 0.00286
Exploits: 3 | References: 2

Cvelist
added 2025/10/02 12:0 a.m. | 6 views

CVE-2025-56380

Frappe Framework v15.72.4 was discovered to contain a SQL injection vulnerability via the fieldname parameter in the frappe.client.getvalue API endpoint and a crafted script to the fieldname parameter...

EPSS 0.00286
Exploits: 3 | References: 2

Vulnrichment
added 2025/10/02 12:0 a.m. | 2 views

CVE-2025-56380

Frappe Framework v15.72.4 was discovered to contain a SQL injection vulnerability via the fieldname parameter in the frappe.client.getvalue API endpoint and a crafted script to the fieldname parameter...

AI score 8 | EPSS 0.00286
Exploits: 3 | References: 2

Vulnrichment
added 2025/09/25 12:0 a.m. | 2 views

CVE-2025-29156

Cross Site Scripting vulnerability in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via a crafted script to the /api/v3/pet...

AI score 6.7 | EPSS 0.0035
Exploits: 0 | References: 3

Tenable Nessus
added 2025/09/10 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2023-36201

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in JerryscriptProject jerryscript v.3.0.0 allows an attacker to obtain sensitive information via a crafted script to the arrays. CVE-2023-36201 Note th...

CVSS 7.5 | AI score 7.3 | EPSS 0.0051
Exploits: 0 | References: 2

Tenable Nessus
added 2025/08/27 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2024-40446

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in forkosh Mime Tex before v.1.77 allows an attacker to execute arbitrary code via a crafted script CVE-2024-40446 Note that Nessus relies on the...

CVSS 9.8 | AI score 6.2 | EPSS 0.00601
Exploits: 0 | References: 3

SUSE CVE
added 2025/08/12 11:23 p.m. | 1 view

SUSE CVE-2025-55158

Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim's internal typed value typval_T management. Specifically, the cleartv...

CVSS 5.6 | AI score 5.6 | EPSS 0.0033
Exploits: 0 | References: 9

Cvelist
added 2025/08/11 10:54 p.m. | 5 views

CVE-2025-55158 Vim double-free vulnerability during Vim9 script import operations

Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value typval_T management. Specifically, the cleartv...

CVSS 6.9 | EPSS 0.0033
Exploits: 0 | References: 3

CVE
added 2025/08/11 10:54 p.m. | 28 views

CVE-2025-55158

CVE-2025-55158 affects Vim before patch release 9.1.1406. In Vim versions 9.1.1231 through 9.1.1405, processing nested tuples during Vim9 script import operations could trigger a double-free in Vim’s internal typval_T management due to improper lifetime handling in handle_import/ex_import paths, ...

CVSS 8.8 | AI score 7.3 | EPSS 0.0033
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2025/08/11 10:54 p.m. | 4 views

CVE-2025-55158 Vim double-free vulnerability during Vim9 script import operations

Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value typval_T management. Specifically, the cleartv...

CVSS 6.9 | AI score 5.5 | EPSS 0.0033
Exploits: 0 | References: 5

Debian CVE
added 2025/08/11 10:54 p.m. | 4 views

CVE-2025-55158

Vim is an open source, command line text editor. In versions from 9.1.1231 to before 9.1.1406, when processing nested tuples during Vim9 script import operations, an error during evaluation can trigger a double-free in Vim’s internal typed value typval_T management. Specifically, the cleartv...

CVSS 8.8 | AI score 5.6 | EPSS 0.0033
Exploits: 0

Vulnrichment
added 2025/07/31 12:0 a.m. | 2 views

CVE-2025-50270

A stored Cross Site Scripting (XSS) vulnerability in the "content management" feature in AnQiCMS v.3.4.11 allows a remote attacker to execute arbitrary code via a crafted script to the title, categoryTitle, and tmpTag parameters...

AI score 6.7 | EPSS 0.00345
Exploits: 0 | References: 2

OSV
added 2025/07/18 2:15 p.m. | 4 views

CVE-2025-46001

An arbitrary file upload vulnerability in the isallowedfiletype function of Filemanager v2.3.0 allows attackers to execute arbitrary code via uploading a crafted PHP file...

CVSS 9.8 | AI score 8 | EPSS 0.00641
Exploits: 1 | References: 3

CVE
added 2025/07/10 12:0 a.m. | 22 views

CVE-2025-28243

CVE-2025-28243 affects Alteryx Server v2023.1.1.460, with the Pages component vulnerable to HTML injection via a crafted script. The CVSS v3.1 vector indicates NETWORK access, HIGH impact to confidentiality and integrity, user interaction required, and no availability impact. Root cause details a...

CVSS 8 | AI score 7 | EPSS 0.00317
Exploits: 1 | References: 2 | Affected Software: 1

OSV
added 2025/06/23 3:15 p.m. | 3 views

CVE-2023-48978

An issue in NCR ITM Web terminal v.4.4.0 and v.4.4.4 allows a remote attacker to execute arbitrary code via a crafted script to the IP camera URL component...

CVSS 9.8 | AI score 6.1 | EPSS 0.00903
Exploits: 1 | References: 2

NVD
added 2025/06/23 3:15 p.m. | 5 views

CVE-2023-48978

An issue in NCR ITM Web terminal v.4.4.0 and v.4.4.4 allows a remote attacker to execute arbitrary code via a crafted script to the IP camera URL component...

CVSS 9.8 | EPSS 0.00903
Exploits: 1 | References: 2