EUVD-2020-25284

Malware in sbrugna...

EUVD-2022-37956

Malicious code in bioql PyPI...

CVE-2025-4130

Use of Hard-coded Credentials vulnerability in PAVO Inc. PAVO Pay allows Read Sensitive Constants Within an Executable.This issue affects PAVO Pay: before 13.05.2025...

GHSA-95RP-6GQP-6622 Command Injection Vulnerability in find-exec

Older versions of the package are vulnerable to Command Injection as an attacker controlled parameter. As a result, attackers may run malicious commands. For example: const find = require"find-exec"; find"mplayer; touch hacked" This creates a file named "hacked" on the filesystem. You should neve...

Code injection

In AppSpider installer versions prior to 7.2.126, the AppSpider installer calls an executable which can be placed in the appropriate directory by an attacker with access to the local machine. This would prevent the installer from distinguishing between a valid executable called during an...

APPLE-SA-2015-01-27-2 iOS 8.1.3

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2015-01-27-2 iOS 8.1.3 iOS 8.1.3 is now available and addresses the following: AppleFileConduit Available for: iPhone 4s and later, iPod touch 5th generation and later, iPad 2 and later Impact: A maliciously crafted afc command may allow acce...

Netwin WebNews Webnews.exe Remote Overflow

Binary data 1716.prm...

SGDynamo sgdynamo.exe HTNAME XSS

The remote host is running the CGI 'sgdynamo.exe'. There is a bug in some versions of this CGI which makes it vulnerable to a cross-site scripting attack. %NASLMINLEVEL 70300 This script written by Scott Shebby 12/2003 See the Nessus Scripts License for details Changes by Tenable: - Revised...