SUSE CVE-2026-41526

In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This parsing does not adequately handle metacharacters, leading to an escape from the shell. All applications relying on this method in a security-critical path t...

CVE-2026-41526

In KDE KCoreAddons prior to 6.25, the KShell::quoteArgs function intended to safely quote arguments for shell commands does not correctly handle metacharacters, enabling possible shell escapes. The issue affects applications using this path to process user input in security-critical contexts, not...

Fiber 安全特征问题漏洞

Fiber is Fiber open source an open source Web framework written in Go language . Fiber suffers from a security signature issue vulnerability. The vulnerability stems from an error not returned by the UUID function and can be exploited by an attacker to use predictable or low entropy identifiers i...

EUVD-2017-11112

Malware in sbrugna...

EUVD-2025-21381

Malicious code in bioql PyPI...

EUVD-2025-9063

Malicious code in bioql PyPI...

EUVD-2024-32311

Malicious code in bioql PyPI...

EUVD-2025-10395

Malicious code in bioql PyPI...

EUVD-2023-0386

Malicious code in bioql PyPI...

EUVD-2025-21299

Malicious code in bioql PyPI...

EUVD-2025-14977

Malicious code in bioql PyPI...

EUVD-2023-23715

Malicious code in bioql PyPI...

EUVD-2024-33696

Malicious code in bioql PyPI...

EUVD-2025-11234

Malicious code in bioql PyPI...

CVE-2025-8522

A vulnerability, which was classified as critical, was found in givanz Vvvebjs up to 2.0.4. Affected is an unknown function of the file /save.php of the component node.js. The manipulation of the argument File leads to path traversal. It is possible to launch the attack remotely. The complexity o...

PT-2025-31466 · Unknown · Openviglet Shio

Name of the Vulnerable Software and Affected Versions: openviglet shio versions through 0.3.8 Description: A critical vulnerability exists in openviglet shio up to version 0.3.8. This issue affects the shStaticFilePreUpload function located in the file...

CVE-2025-7896

A vulnerability has been found in harry0703 MoneyPrinterTurbo up to 1.2.6 and classified as critical. Affected by this vulnerability is the function downloadvideo/deletevideo of the file app/controllers/v1/video.py. The manipulation leads to path traversal. The attack can be launched remotely...

CVE-2025-7628 YiJiuSmile kkFileViewOfficeEdit deleteFile path traversal

A vulnerability was found in YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd. It has been classified as critical. This affects the function deleteFile of the file /deleteFile. The manipulation of the argument fileName leads to path traversal. It is possible to...

CVE-2025-7626 YiJiuSmile kkFileViewOfficeEdit onlinePreview path traversal

A vulnerability has been found in YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd and classified as critical. Affected by this vulnerability is the function onlinePreview of the file /onlinePreview. The manipulation of the argument url leads to path traversal. The...

CVE-2025-7450

A vulnerability was found in letseeqiji gorobbs up to 1.0.8. It has been classified as critical. This affects the function ResetUserAvatar of the file controller/api/v1/user.go of the component API. The manipulation of the argument filename leads to path traversal. It is possible to initiate the...