329 matches found
EUVD-2021-10812
Malware in sbrugna...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986636)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986636 advisory. In the Linux kernel, the following vulnerability has been resolved: xhci: Fix null pointer dereference when host dies Make sure xhcifreedev and xhcikillendpointurbs ...
EUVD-2025-3960
Malicious code in bioql PyPI...
EUVD-2025-27764
Malicious code in bioql PyPI...
EUVD-2025-3731
Malicious code in bioql PyPI...
How to Use a Password Manager to Share Your Logins After You Die (2025)
Your logins will live on after you pass on. Make sure they end up in the right hands...
Malicious code in lesson-dream-death (npm)
The package lesson-dream-death was found to contain malicious code...
MAL-2025-44991 Malicious code in lesson-dream-death (npm)
The package lesson-dream-death was found to contain malicious code...
CVE-2025-30036
Stored XSS vulnerability exists in the "Oddział" Ward module, in the death diagnosis description field, and allows the execution of arbitrary JavaScript code. This can lead to session hijacking of other users and potentially to privilege escalation up to full administrative rights...
CGM CLININET Cross-Site Scripting Vulnerability
CGM CLININET is a hospital information management system from CGM Germany. CGM CLININET suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the Death Diagnosis Description field in the Oddzial module, which can be...
CVE-2025-30036
Stored XSS vulnerability exists in the "Oddział" Ward module, in the death diagnosis description field, and allows the execution of arbitrary JavaScript code. This can lead to session hijacking of other users and potentially to privilege escalation up to full administrative rights...
CVE-2025-30036 Stored XSS permitting session takeover of arbitrary user
Stored XSS vulnerability exists in the "Oddział" Ward module, in the death diagnosis description field, and allows the execution of arbitrary JavaScript code. This can lead to session hijacking of other users and potentially to privilege escalation up to full administrative rights...
CVE-2025-30036 Stored XSS permitting session takeover of arbitrary user
Stored XSS vulnerability exists in the "Oddział" Ward module, in the death diagnosis description field, and allows the execution of arbitrary JavaScript code. This can lead to session hijacking of other users and potentially to privilege escalation up to full administrative rights...
CVE-2025-30036
CVE-2025-30036 describes a stored XSS in the Oddział (Ward) module, within the death diagnosis description field. The flaw permits execution of arbitrary JavaScript, which can cause session hijacking of other users and potentially escalate privileges up to full admin rights. The provided metrics ...
PT-2025-34843 · Oddział · Oddział
Name of the Vulnerable Software and Affected Versions: Oddział module affected versions not specified Description: A stored cross-site scripting XSS issue exists in the “Oddział” Ward module, specifically within the death diagnosis description field. Successful exploitation allows attackers to...
CGM CLININET 跨站脚本漏洞
CGM CLININET is a hospital information management system from German company CGM. A cross-site scripting vulnerability exists in CGM CLININET that stems from stored cross-site scripting in the Death Diagnosis Description field in the Oddzial module, which could lead to session hijacking or...
Linux Distros Unpatched Vulnerability : CVE-2019-11683
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - udpgroreceivesegment in net/ipv4/udpoffload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service slab-out-of-bounds memo...
Metadata Shows the FBI’s ‘Raw’ Jeffrey Epstein Prison Video Was Likely Modified
There is no evidence the footage was deceptively manipulated, but ambiguities around how the video was processed may further fuel conspiracy theories about Epstein’s death...
Qilin Ransomware Attack on NHS Causes Patient Death in the UK
A patient's death is confirmed linked to the June 2024 ransomware attack by the Qilin ransomware gang on Synnovis, crippling London's NHS. Learn about the disruptions and Impact...
DEBIAN-CVE-2022-49939
In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of ref-proc caused by race condition A transaction of type BINDERTYPEWEAKHANDLE can fail to increment the reference for a node. In this case, the target proc normally releases the failed reference upon close as...