71 matches found
EUVD-2026-0573
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
EUVD-2026-0607
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
EUVD-2026-0646
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
EUVD-2026-0720
A vulnerability was detected in Yonyou KSOA 9.0. This vulnerability affects unknown code of the file /worksheet/agentworksadd.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit is now publ...
EUVD-2025-205312
iSeeQ Hybrid DVR WH-H4 1.03R contains an unauthenticated vulnerability in the getjpeg script that allows unauthorized access to live video streams. Attackers can retrieve video snapshots from specific camera channels by sending requests to the /cgi-bin/getjpeg endpoint without authentication...
EUVD-2025-205112
In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix VAS mm use after free The refcount on mm is dropped before the coprocessor is detached...
EUVD-2025-205128
In the Linux kernel, the following vulnerability has been resolved: bpf: fix a memory leak in the LRU and LRUPERCPU hash maps The LRU and LRUPERCPU maps allocate a new element on update before locking the target hash table bucket. Right after that the maps try to lock the bucket. If this fails,...
EUVD-2025-205155
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Disallow unallocated resources to be returned In the event that the topology requests resources that have not been created by the system because they are typically not represented in dpumdsscfg ^1, the resources in...
EUVD-2025-205043
A flaw has been found in code-projects Student Information System 1.0. This issue affects some unknown processing of the file /searchresults.php. Executing manipulation of the argument searchbox can lead to sql injection. The attack may be performed from remote. The exploit has been published and...
EUVD-2025-204276
There is an out of bounds read vulnerability in NI LabVIEW in lvre!ExecPostedProcRecPost when parsing a corrupted VI file. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted VI...
EUVD-2025-203963
A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 26.2, Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, tvOS 26.2. Processing maliciously crafted web content may lead to arbitrary code...
EUVD-2025-201000
TOTOLINK N300RT wireless router firmware versions prior to V3.4.0-B20250430 discovered in V2.1.8-B20201030.1539 contain an OS command injection vulnerability in the Boa formWsc handling functionality. An unauthenticated attacker can send specially crafted requests to trigger command execution via...
EUVD-2025-100062
Malicious code in xenaciouscuckooz3n npm...
EUVD-2025-72238
Malicious code in lina-kemplang23-tititugel npm...
EUVD-2025-57688
Malicious code in putri-wajit84-sluey npm...
EUVD-2025-39736
Malicious code in erwin-botok58-ruro npm...
EUVD-2025-38177
Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP management tool that allows for remote attackers to bypass authentication checks and reach a SQL injection vulnerability within the ‘getInventoryReportData’ parameter to the ‘NetworkServlet’ endpoint...
EUVD-2025-37806
Out-of-bounds write in handling opcode in fingerprint trustlet prior to SMR Nov-2025 Release 1 allows local privileged attackers to write out-of-bounds memory...
EUVD-2025-37836
EUVD-2025-37836...
EUVD-2025-37621
The Label Plugins plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.5. This is due to missing or incorrect nonce validation on the labelpluginsoptions function. This makes it possible for unauthenticated attackers to update settings and injec...