EUVD-2025-8424

Malicious code in bioql PyPI...

Cross-site Scripting (XSS)

Overview org.webjars.npm:vega-functions is a Custom functions for the Vega expression language. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the event filter. An attacker can execute arbitrary JavaScript code by manipulating input to the Vega expression languag...

CVE-2025-26619 Vega Cross-Site Scripting (XSS) via event filter when not using CSP mode `expressionInterpeter`

Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. In vega 5.30.0 and lower and in vega-functions 5.15.0 and lower , it was possible to call JavaScript functions from the Vega expression language that were not meant to be...

CVE-2006-2930

Unspecified vulnerability in Sun Grid Engine 5.3 and Sun N1 Grid Engine 6.0, when configured in Certificate Security Protocol CSP Mode, allows local users to shut down the grid service or gain access, even if access is denied...

[SA20518] Sun Grid Engine CSP Mode Authentication Security Issue

---------------------------------------------------------------------- Want to join the Secunia Security Team? Secunia offers a position as a security specialist, where your daily work involves reverse engineering of software and exploit code, auditing of source code, and analysis of vulnerabilit...