335 matches found
EUVD-2020-21004
Malware in sbrugna...
EUVD-2020-26723
Malware in sbrugna...
EUVD-2025-12283
Malicious code in bioql PyPI...
EUVD-2024-38376
Malicious code in bioql PyPI...
EUVD-2024-25154
Malicious code in bioql PyPI...
EUVD-2022-46598
Malicious code in bioql PyPI...
ALSA-2025:11747 Important: firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: thunderbird: Large branch table could lead to truncated instruction CVE-2025-8028 firefox: thunderbird: Memory safety bugs CVE-2025-8035 firefox: thunderbird:...
AMD Warns of New Transient Scheduler Attacks Impacting a Wide Range of CPUs
Semiconductor company AMD is warning of a new set of vulnerabilities affecting a broad range of chipsets that could lead to information disclosure. The flaws, collectively called Transient Scheduler Attacks (TSA), manifest in the form of a speculative side channel in its CPUs that leverage executio...
CVE-2025-36048
IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 could allow a privileged user to escalate their privileges when handling external entities due to execution with unnecessary privileges...
CVE-2025-49137
HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.0, the application does not sufficiently sanitize user input, allowing for the execution of arbitrary JavaScript code. The 'saveNode' and 'saveManifest' endpoints take user input and store it in...
CVE-2023-45592
A CWE-250 “Execution with Unnecessary Privileges” vulnerability in the embedded Chromium browser due to the binary being executed with the “--no-sandbox” option and with root privileges exacerbates the impacts of successful attacks executed against the browser. This issue affects: AiLux imx6 bund...
CVE-2021-42847
Zoho ManageEngine ADAudit Plus before 7006 allows attackers to write to, and execute, arbitrary files...
CVE-2021-30149
Composr 10.0.36 allows upload and execution of PHP files...
CVE-2019-15311
An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is Zolo Halo LAN remote code execution. The Zolo Halo Bluetooth speaker had a GoAhead web server listening on port 80. The /httpapi.asp endpoint of the GoAhead web server was also vulnerable to multiple command...
CVE-2013-0725
ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities...
Security Updates for Microsoft SharePoint Server Subscription Edition (May 2025)
The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Elevation of Privilege Vulnerability CVE-2025-29976 - Remote Code Execution Vulnerabilities. CVE-2025-30378, CVE-2025-30382,...
Siemens RUGGEDCOM ROX II
SUMMARY The web interface of RUGGEDCOM ROX II devices contains multiple Client-Side Enforcement of Server-Side Security vulnerabilities that could allow an attacker with a legitimate, highly privileged account on the web interface to get privileged code execution in the underlying OS of the...
CVE-2025-43844 GHSL-2025-014_Retrieval-based-Voice-Conversion-WebUI
Retrieval-based-Voice-Conversion-WebUI is a voice changing framework based on VITS. Versions 2.2.231006 and prior are vulnerable to command injection. The variables expdir1, among others, take user input and pass it to the clicktrain function, which concatenates them into a command that is run on...
Microsoft Patches 126 Flaws Including Actively Exploited Windows CLFS Vulnerability
Microsoft has released security fixes to address a massive set of 126 flaws affecting its software products, including one vulnerability that it said has been actively exploited in the wild. Of the 126 vulnerabilities, 11 are rated Critical, 112 are rated Important, and two are rated Low in...