2654 matches found
EUVD-2022-29962
Malicious code in bioql PyPI...
Directory Traversal
Overview: Affected versions of this package are vulnerable to Directory Traversal in the validLogFileName and validExecOutputFileName functions, which insufficiently validate log file names, allowing traversal sequences after certain prefixes. An attacker can access sensitive files on the host...
CVE-2025-29083
SQL Injection vulnerability in CSZ-CMS v.1.3.0 allows a remote attacker to execute arbitrary code via the execSqlFile function in the PluginManager.php file...
CVE-2025-29084
SQL Injection vulnerability in CSZ-CMS v.1.3.0 allows a remote attacker to execute arbitrary code via the execSqlFile function in the Upgrade.php file...
Command Injection in adb-mcp MCP Server
The MCP Server at https://github.com/srmorete/adb-mcp is written in a way that makes it vulnerable to command injection attacks through some of its MCP Server tool definitions and implementations. The MCP Server is also published publicly to npm at...
CVE-2025-29084
CSZ-CMS v1.3.0 is affected by a SQL injection in the Upgrade.php file (execSqlFile), enabling a remote attacker to execute arbitrary code. The vulnerability is associated with CVE-2025-29084 and is described consistently across NVD/Red Hat/CNNVD/CVE listings, with no public patch/version details ...
SUSE CVE-2023-53171
In the Linux kernel, the following vulnerability has been resolved: vfio/type1: prevent underflow of locked_vm via exec When a vfio container is preserved across exec, the task does not change, but it gets a new mm with locked_vm=0, and loses the count from existing dma mappings. If the user later...
CVE-2023-53171
In the Linux kernel, the following vulnerability has been resolved: vfio/type1: prevent underflow of locked_vm via exec When a vfio container is preserved across exec, the task does not change, but it gets a new mm with locked_vm=0, and loses the count from existing dma mappings. If the user later...
DEBIAN-CVE-2023-53171
In the Linux kernel, the following vulnerability has been resolved: vfio/type1: prevent underflow of locked_vm via exec When a vfio container is preserved across exec, the task does not change, but it gets a new mm with locked_vm=0, and loses the count from existing dma mappings. If the user later...
UBUNTU-CVE-2023-53171
In the Linux kernel, the following vulnerability has been resolved: vfio/type1: prevent underflow of locked_vm via exec When a vfio container is preserved across exec, the task does not change, but it gets a new mm with locked_vm=0, and loses the count from existing dma mappings. If the user later...
CVE-2023-53171 vfio/type1: prevent underflow of locked_vm via exec()
In the Linux kernel, the following vulnerability has been resolved: vfio/type1: prevent underflow of locked_vm via exec When a vfio container is preserved across exec, the task does not change, but it gets a new mm with locked_vm=0, and loses the count from existing dma mappings. If the user later...