EUVD-2025-11772
Malicious code in bioql PyPI...
CVE-2025-39419
Cross-Site Request Forgery (CSRF) vulnerability in David Miller Revision Diet revision-diet allows Stored XSS. This issue affects Revision Diet: from n/a through 1.0.1...
CVE-2025-31437
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Miller WP-OGP wp-ogp allows Stored XSS. This issue affects WP-OGP: from n/a through 1.0.5...
October CMS Safe Mode bypass leads to authenticated Remote Code Execution
Impact: This vulnerability only affects installations that rely on the safe mode restriction, commonly used when providing public access to the admin panel. Assuming an attacker has access to the admin panel and permission to open the "Editor" section, they can bypass the Safe Mode cms.safemode...
Authenticated remote code execution in October CMS
Impact: An authenticated user with the permissions to create, modify and delete website pages can exploit this vulnerability to bypass cms.safemode / cms.enableSafeMode in order to execute arbitrary code. - This issue only affects admin panels that rely on safe mode and restricted permissions. - T...
October/System authenticated file write leads to remote code execution
Impact: An attacker with "create, modify and delete website pages" privileges in the backend is able to execute PHP code by running specially crafted Twig code in the template markup. Patches: Issue has been patched in Build 473 and v1.1.6. Workarounds: Apply...
GHSA-WV23-PFJ7-2MJJ October/System authenticated file write leads to remote code execution
Impact: An attacker with "create, modify and delete website pages" privileges in the backend is able to execute PHP code by running specially crafted Twig code in the template markup. Patches: Issue has been patched in Build 473 and v1.1.6. Workarounds: Apply...
Debian Security Advisory DSA 3434-1 (linux - security update)
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. CVE-2015-7513: It was discovered that a local user permitted to use the x86 KVM subsystem could configure the PIT emulation to cause a denial of service...
[SECURITY] [DSA 1183-1] New Linux 2.4.27 packages fix several vulnerabilities
Debian Security Advisory DSA 1183-1 [email protected] http://www.debian.org/security/ Dann Frazier September 25th, 2006 http://www.debian.org/security/faq -...