EUVD-2021-34106

Malicious code in bioql PyPI...

EUVD-2022-44226

Malicious code in bioql PyPI...

EUVD-2022-52046

Malicious code in bioql PyPI...

EUVD-2022-51675

Malicious code in bioql PyPI...

EUVD-2024-31785

Malicious code in bioql PyPI...

EUVD-2024-31787

Malicious code in bioql PyPI...

EUVD-2024-49099

Malicious code in bioql PyPI...

Security Bulletin: IBM Common Licensing using IBM® SDK, Java™ Technology Edition vulnerable to CVEs

Summary Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition in IBM License Key Server Administration and Reporting Tool ART and Administration Agent. This bulletin for IBM SDK, Java Technology Edition covers all applicable Java SE CVEs published by Oracle as part of their July 2025...

CVE-2025-8517 givanz Vvveb session fixiation

A vulnerability was detected in givanz Vvveb 1.0.6.1. Impacted is an unknown function. The manipulation results in session fixiation. The attack can be launched remotely. The exploit is now public and may be used. Upgrading to version 1.0.7 is recommended to address this issue. The patch is...

Security Bulletin: Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition

Summary This bulletin for IBM SDK, Java Technology Edition covers all applicable Java SE CVEs published by Oracle as part of their July 2025 Critical Patch Update. For more information please refer to Oracle's July 2025 CPU Advisory and the CVE links referenced below. Vulnerability Details...

CVE-2025-8227 yanyutao0402 ChanCMS getArticle deserialization

A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /collect/getArticle. The manipulation of the argument taskUrl leads to deserialization. The attack can be launched remotely. The...

CVE-2025-8177 LibTIFF thumbnail.c setrow buffer overflow

A vulnerability was found in LibTIFF up to 4.7.0. It has been rated as critical. This issue affects the function setrow of the file tools/thumbnail.c. The manipulation leads to buffer overflow. An attack has to be approached locally. The patch is named e8c9d6c616b19438695fd829e58ae4fde5bfbc22. It...

CVE-2025-8132 yanyutao0402 ChanCMS utils.js delfile path traversal

A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been rated as critical. Affected by this issue is the function delfile of the file app/extend/utils.js. The manipulation leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public...

PT-2025-30611 · Undefined · Undefined

URGENT: CVE-2025-02471—Xen hypervisor vulnerability allows VM escape on unpatched SUSE systems. ✅ Patch: zypper patch xen-4.17.3 5.1-1 ✅ Impact: Critical CVSS 8.1 Read more: 👉 https://t.co/yErIQy6dqs Infosec DevSecOps LinuxSecurity https://t.co/d9VvVKTncE...

Security Bulletin: Update JRE for Older Versions of IBM SPSS Statistics

Summary Vulnerabilities related to encryption were found in older versions of the Java Runtime Environment JRE. This Interim Fix addresses those problems. The IF applies to all applicable Java SE CVEs published by Oracle as part of their April 2025 Critical Patch Update plus CVE-2025-4447...

Oracle Critical Patch Update, July 2025 Security Update Review

Oracle released its second quarterly edition of this year’s Critical Patch Update. The update received patches for 309 security vulnerabilities. Some of the vulnerabilities addressed in this update impact more than one product. These patches address vulnerabilities in various product families,...

Oracle Critical Patch Update Advisory - July 2025

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches add...

PT-2025-29336 · Undefined · Undefined

🚨 Urgent Security Alert for SUSE Linux Users! A critical Python 3.6 vulnerability CVE-2025-02297 could allow hackers to take control of your systems. Patch now or risk a breach! Read more: 👉 https://t.co/SQf5nrtP2S CyberSecurity Linux Python https://t.co/KhfXC8zq7o...

EulerOS 2.0 SP10 : elfutils (EulerOS-SA-2025-1793)

According to the versions of the elfutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function...

Security Update for Microsoft Visual Studio Code (April 2025)

The version of Microsoft Visual Studio Code installed on the remote host is prior to 1.100.1. It is, therefore, affected by a vulnerability where files or directories accessible to external parties in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally. Note th...