1553 matches found
EUVD-2025-24621
Malicious code in bioql PyPI...
EUVD-2021-9909
Malicious code in bioql PyPI...
EUVD-2024-19969
Malicious code in bioql PyPI...
EUVD-2025-22125
Malicious code in bioql PyPI...
EUVD-2025-29577
Malicious code in bioql PyPI...
EUVD-2024-21084
Malicious code in bioql PyPI...
EUVD-2025-9095
Malicious code in bioql PyPI...
EUVD-2025-15084
Malicious code in bioql PyPI...
EUVD-2024-17651
Malicious code in bioql PyPI...
EUVD-2022-0087
Malicious code in bioql PyPI...
EUVD-2022-0088
Malicious code in bioql PyPI...
SUSE CVE-2025-59681
An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate, QuerySet.alias, QuerySet.aggregate, and QuerySet.extra are subject to SQL injection in column aliases, when using a suitably crafted dictionary, with dictionary expansion, as the kwarg...
CVE-2025-34208 Vasion Print (formerly PrinterLogic) Insecure Password Hashing
Vasion Print formerly PrinterLogic Virtual Appliance Host and Application VA/SaaS deployments store user passwords using unsalted SHA-512 hashes with a fall-back to unsalted SHA-1. The hashing is performed via PHP's hash function in multiple files serverwriterequestsusers.php, updatedatabase.php,...
CVE-2025-46205
A heap-use-after free in the PdfTokenizer::ReadDictionary function of podofo v0.10.0 to v0.10.5 allows attackers to cause a Denial of Service DoS by supplying a crafted PDF file. NOTE: this is disputed by the Supplier because there is no available file to reproduce the issue...
CVE-2025-46205
A heap-use-after free in the PdfTokenizer::ReadDictionary function of podofo v0.10.0 to v0.10.5 allows attackers to cause a Denial of Service DoS by supplying a crafted PDF file. NOTE: this is disputed by the Supplier because there is no available file to reproduce the issue...
CVE-2025-46205
A heap-use-after free in the PdfTokenizer::ReadDictionary function of podofo v0.10.0 to v0.10.5 allows attackers to cause a Denial of Service DoS by supplying a crafted PDF file. NOTE: this is disputed by the Supplier because there is no available file to reproduce the issue...
CVE-2025-46205
A heap-use-after free in the PdfTokenizer::ReadDictionary function of podofo v0.10.0 to v0.10.5 allows attackers to cause a Denial of Service DoS by supplying a crafted PDF file. NOTE: this is disputed by the Supplier because there is no available file to reproduce the issue...
PT-2025-40287
Name of the Vulnerable Software and Affected Versions podofo versions 0.10.0 through 0.10.5 Description A heap-use-after-free issue exists in the PdfTokenizer::ReadDictionary function. This allows attackers to potentially cause a Denial of Service DoS by providing a specially crafted PDF file...
PT-2025-40290
Name of the Vulnerable Software and Affected Versions Django versions 4.2 through 4.2.25 Django versions 5.1 through 5.1.13 Django versions 5.2 through 5.2.7 Description A SQL injection issue exists in Django’s QuerySet methods—specifically annotate, alias, aggregate, and extra—when using a craft...
CVE-2025-52041
In Frappe ERPNext 15.57.5, the function getstockbalancefor at erpnext/stock/doctype/stockreconciliation/stockreconciliation.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into the inventorydimensionsdict parameter...