EUVD-2025-204382

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in AmentoTech Tuturn allows Path Traversal.This issue affects Tuturn: from n/a before 3.6...

EUVD-2025-199544

Not used...

EUVD-2025-131963

An issue was discovered in dvsekhvalnov jose2go 1.5.0 thru 1.7.0 allowing an attacker to cause a Denial-of-Service DoS via crafted JSON Web Encryption JWE token with an exceptionally high compression ratio...

EUVD-2025-37766

HCL BigFix Query is affected by a sensitive information disclosure in the WebUI Query application. An HTTP GET endpoint request returns discoverable responses that may disclose: group names, active user names or IDs. An attacker can use that information to target individuals with phishing or...

EUVD-2025-37586

The Social Media WPCF7 Stop Words plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.3. This is due to missing or incorrect nonce validation on the smWpCfSwOptions function. This makes it possible for unauthenticated attackers to update the...

EUVD-2025-37689

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.1, visionOS 26.1, watchOS 26.1, iOS 26.1 and iPadOS 26.1, tvOS 26.1. Processing maliciously crafted web content may lead to memory corruption...