EUVD-2018-14528

Malware in sbrugna...

EUVD-2020-6666

Malware in sbrugna...

EUVD-2017-1782

Malware in sbrugna...

EUVD-2023-26119

Malicious code in bioql PyPI...

CVE-2025-22165

CVE-2025-22165 describes an ARBITRARY CODE EXECUTION vulnerability in Sourcetree for Mac starting with version 4.2.8. The flaw is exploitable by a locally authenticated attacker who can execute code with the user’s privileges, impacting confidentiality, integrity, and availability. The CVSS data ...

Security Bulletin: IBM Technical Support Appliance - possible exposure of sensitive information

Summary RSA-PSK key exchange occurs when establishing a connection from a web browser to the IBM Technical Support Appliance web UI. Vulnerability Details CVEID:CVE-2023-5981 DESCRIPTION: GNU GnuTLS could allow a remote attacker to obtain sensitive information, caused by a timing sidechannel issu...

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in rexml

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of rexml. Vulnerability Details CVEID:CVE-2024-43398 DESCRIPTION: Ruby REXML is vulnerable to a denial of service, caused by improper input validation. By using a specially crafted XML content, a remote attacker...

WordPress NinjaTeam Header Footer Custom Code Plugin < 1.2 is vulnerable to Cross Site Scripting (XSS)

Software NinjaTeam Header Footer Custom Code Type Plugin Vulnerable versions 1.2 Fixed in 1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6493 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 618713328f1e Credits Takshal...

WordPress Corona Virus (COVID-19) Banner & Live Data Plugin <= 1.8.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Corona Virus COVID-19 Banner & Live Data Type Plugin Vulnerable versions = 1.8.0.3 Fixed in 1.8.0.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34429 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID cdf584b63570 Credits Rayhan...

WordPress ARMember Plugin <= 4.0.23 is vulnerable to Cross Site Scripting (XSS)

Software ARMember Type Plugin Vulnerable versions = 4.0.23 Fixed in 4.0.24 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-27995 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a530dd76b60e Credits Van Lyubov Required privilege Administrator...

WordPress Multiple Post Passwords Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Multiple Post Passwords Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-49157 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID e6267a0778ae Credits DoYeon Park p6rkdoye0n Require...

Mitsubishi Electric GOT2000 and GOT SIMPLE

1. EXECUTIVE SUMMARY ​CVSS v3 5.9 ​ATTENTION: Exploitable remotely ​Vendor: Mitsubishi Electric ​Equipment: GOT2000 Series and GOT SIMPLE Series ​Vulnerability: Predictable Exact Value from Previous Values 2. RISK EVALUATION ​Successful exploitation of this vulnerability could allow an attacker...

WordPress WP Abstracts Plugin <= 2.6.3 is vulnerable to Cross Site Scripting (XSS)

Software WP Abstracts Type Plugin Vulnerable versions = 2.6.3 Fixed in 2.6.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-28692 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID d24a94d01c26 Credits qilin99 Required privilege...

Security Bulletin: Vulnerability in NTP affects IBM Integrated Analytics System

Summary Redhat provided NTP is used by IBM Integrated Analytics System. IBM Integrated Analytics System has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2020-11868 DESCRIPTION: NTP is vulnerable to a denial of service, caused by a flaw in ntpd. By sending a server mode packet wi...

Security Bulletin: A Security Vulnerability Has Been Identified In IBM Security Secret Server (CVE-2020-4459)

Summary A security vulnerability identified on IBM Security Secret Server has been addressed in the release 10.8. Vulnerability Details CVEID: CVE-2020-4459 DESCRIPTION: IBM Security Verify Access contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own...

SevenIT SevDesk 3.10 Cross Site Scripting

Document Title: =============== SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1314 Release Date: ============= 2015-03-23 Vulnerability Laboratory ID VL-ID: ==================================== 1314...

SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities

Document Title: =============== SevenIT SevDesk 3.10 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1314 Release Date: ============= 2015-03-23 Vulnerability Laboratory ID VL-ID: ==================================== 1314...