5353 matches found
EUVD-2023-51720
Malicious code in bioql PyPI...
EUVD-2025-19054
Malicious code in bioql PyPI...
EUVD-2023-46966
Malicious code in bioql PyPI...
EUVD-2025-16679
Malicious code in bioql PyPI...
EUVD-2022-36093
Malicious code in bioql PyPI...
EUVD-2022-48771
Malicious code in bioql PyPI...
EUVD-2022-50720
Malicious code in bioql PyPI...
PT-2025-38986
Name of the Vulnerable Software and Affected Versions PivotX CMS version 3.0.0 RC 3 Description A Cross Site Scripting issue exists in PivotX CMS version 3.0.0 RC 3. This allows a remote attacker to execute arbitrary code through the subtitle field. Recommendations At the moment, there is no...
CVE-2024-8393
The Woocommerce Blocks – Woolook plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.7.0 via the via the 'tab' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to include and execute arbitrary...
CVE-2025-27577 liteos_a has a race condition vulnerability
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition...
PT-2025-31856 · Zkeacms · Zkeacms
Name of the Vulnerable Software and Affected Versions: ZKEACMS version 4.1 Description: An arbitrary file upload vulnerability exists in ZKEACMS version 4.1, allowing attackers to execute arbitrary code by uploading a crafted file. Recommendations: At the moment, there is no information about a...
Adobe Framemaker heap buffer overflow vulnerability (CNVD-2025-16224)
Adobe FrameMaker is a powerful tool for creating complex technical documentation and publishing it to a variety of delivery channels. A heap buffer overflow vulnerability exists in Adobe Framemaker versions 2020.8, 2022.6 and earlier. An attacker can exploit this vulnerability to execute arbitrar...
TeamViewer Incorrect Permission Assignment Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of TeamViewer. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the TeamViewer service,...
PT-2025-26857 · Microsens · Microsens Nmp Web+
Name of the Vulnerable Software and Affected Versions: MICROSENS NMP Web+ affected versions not specified Description: The issue could allow an unauthenticated attacker to overwrite files and execute arbitrary code. Recommendations: At the moment, there is no information about a newer version tha...
Google Chrome Resource Management Error Vulnerability
Google Chrome is a popular web browser. Google Chrome suffers from a resource management error vulnerability, which stems from a post-release reuse of a media component, that can be exploited by an attacker to cause an application to crash or execute arbitrary code in the context of the applicati...
CVE-2025-40727 Reflected Cross-Site Scripting (XSS) in Phoenix CMS
A Reflected Cross Site Scripting XSS vulnerability was found in '/search' in Phoenix Site CMS from Phoenix, which allows remote attackers to execute arbitrary code via 's' GET parameter...
Arbitrary File Upload
xyz.erupt, erupt is vulnerable to arbitrary file upload. The vulnerability is due to improper validation in the /upload/GoodsCategory/image component, allowing attackers to upload crafted files and execute arbitrary code...
CVE-2025-27955
Clinical Collaboration Platform 12.2.1.5 has a weak logout system where the session token remains valid after logout and allows a remote attacker to obtain sensitive information and execute arbitrary code...
CVE-2025-27953
An issue in Clinical Collaboration Platform 12.2.1.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the session management component...
CVE-2025-27954
An issue in Clinical Collaboration Platform 12.2.1.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the usertoken function of default.aspx...