EUVD-2023-23339

Malicious code in bioql PyPI...

EUVD-2025-12665

Malicious code in bioql PyPI...

EUVD-2025-15538

Malicious code in bioql PyPI...

CVE-2025-8271

A vulnerability was found in code-projects Exam Form Submission 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/deletes3.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-7083

CVE-2025-7083 affects Belkin F9K1122 with firmware 1.00.33. A vulnerability in the function mp of the file /goform/mp allows OS command injection via manipulation of the command argument, with remote exploitation possible. The CVE entries consistently describe a critical impact (CWE-like risk: ar...

CVE-2025-6962

A vulnerability, which was classified as critical, was found in Campcodes Employee Management System 1.0. This affects an unknown part of the file /myprofileup.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

CVE-2025-6276 Brilliance Golden Link Secondary System rentTakeInfoPage.htm sql injection

A vulnerability was found in Brilliance Golden Link Secondary System up to 20250609. It has been rated as critical. Affected by this issue is some unknown functionality of the file /storagework/rentTakeInfoPage.htm. The manipulation of the argument custTradeName leads to sql injection. The attack...

CVE-2025-6101

A vulnerability classified as critical has been found in letta-ai letta up to 0.4.1. Affected is the function functionmessage of the file letta/letta/interface.py. The manipulation of the argument functionname/functionargs leads to improper neutralization of directives in dynamically evaluated...

CVE-2025-5525

CVE-2025-5525 affects Jrohy trojan up to version 2.15.3. The flaw is in the LogChan function (trojan/util/linux.go) where mishandling of the argument c enables os command injection. Exploitation can be performed remotely; attack complexity is described as high, with public disclosures available. ...

CVE-2024-9280

A vulnerability has been found in kalvinGit kvf-admin up to f12a94dc1ebb7d1c51ee978a85e4c7ed75c620ff and classified as critical. This vulnerability affects the function fileUpload of the file FileUploadKit.java. The manipulation of the argument file leads to unrestricted upload. The attack can be...

CVE-2025-4465

A vulnerability was found in itsourcecode Gym Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /ajax.php?action=saveschedule. The manipulation of the argument memberid leads to sql injection. The attack may be launched remotely. Th...

CVE-2025-4300 itsourcecode Content Management System search_list.php sql injection

A vulnerability classified as critical has been found in itsourcecode Content Management System 1.0. Affected is an unknown function of the file /searchlist.php. The manipulation of the argument Search leads to sql injection. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-4136

A vulnerability was found in Weitong Mall 1.0.0. It has been classified as critical. This affects an unknown part of the component Sale Endpoint. The manipulation of the argument ID leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to...

Microsoft Windows Multiple Vulnerabilities (KB5052040)

This host is missing a critical security update according to Microsoft KB5052040 SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...