EUVD-2021-33242
Malicious code in bioql PyPI...
EUVD-2024-28263
Malicious code in bioql PyPI...
EUVD-2025-23739
Malicious code in bioql PyPI...
EUVD-2022-39952
Malicious code in bioql PyPI...
EUVD-2024-19989
Malicious code in bioql PyPI...
EUVD-2021-6862
Malicious code in bioql PyPI...
PT-2025-36163
Name of the Vulnerable Software and Affected Versions: webriti Shk Corporate versions through 2.4.1.1. Description: The software contains a missing authorization flaw due to incorrectly configured access control security levels. Recommendations: At the moment, there is no information about a newer...
CVE-2025-6632
A maliciously crafted PSD file, when linked or imported into Autodesk 3ds Max, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...
CVE-2025-8511
CVE-2025-8511 affects Portabilis i-Diario 1.5.0. The Observações component contains an XSS vulnerability in the /diario-de-observacoes/ file where manipulating the Descrição parameter enables remote XSS. Exploit publicly disclosed; vendor did not respond. No remediation/fix details provided in th...
Unspecified Vulnerability in Apple macOS (CNVD-2025-18454)
Apple macOS is a specialized operating system developed by Apple for Mac computers. Apple macOS has a security vulnerability that can be exploited by attackers to access protected user data...
CVE-2025-54584 GitProxy is vulnerable to a packfile parsing exploit
GitProxy is an application that stands between developers and a Git remote endpoint (e.g., github.com). In versions 1.19.1 and below, an attacker can craft a malicious Git packfile to exploit the PACK signature detection in the parsePush.ts file. By embedding a misleading PACK signature within comm...
CVE-2016-15044 Kaltura < 11.1.0-2 PHP Object Injection RCE
A remote code execution vulnerability exists in Kaltura versions prior to 11.1.0-2 due to unsafe deserialization of user-controlled data within the keditorservices module. An unauthenticated remote attacker can exploit this issue by sending a specially crafted serialized PHP object in the kdata G...
CVE-2025-50079
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MyS...
CVE-2025-7410
Summary: CVE-2025-7410 affects LifeStyle Store 1.0 from Code-Projects. The issue is a vulnerability in the /cart_remove.php file where manipulating the ID argument enables SQL injection. The vulnerability is remote and the exploit has been disclosed publicly. Affected component: LifeStyle Store 1...
CVE-2025-41667 Phoenix Contact: File access due to the replacement of a critical file used by the arp-preinit script
A low privileged remote attacker with file access can replace a critical file used by the arp-preinit script to get read, write and execute access to any file on the device...
CVE-2025-20320
CVE-2025-20320 affects Splunk Enterprise versions prior to 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions prior to 9.3.2411.107, 9.3.2408.117, and 9.2.2406.121. A low-privilege user who should not have admin or power roles can craft a malicious payload via the User Interface ...
Exploit for Out-of-bounds Read in Citrix Netscaler_Application_Delivery_Controller
CitrixBleed-2-CVE-2025-5777 checker checker.py httphttps...
CVE-2025-36593
Dell OpenManage Network Integration, versions prior to 3.8, contains an Authentication Bypass by Capture-replay vulnerability in the RADIUS protocol. An attacker with local network access could potentially exploit this vulnerability to forge a valid protocol accept message in response to a failed...
Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo
Reference: https://www.stratascale.com/vulnerability-alert-CVE-2...
PT-2025-25273 · Trend Micro · Trend Micro Worry-Free Business Security Services
Name of the Vulnerable Software and Affected Versions: Trend Micro Worry-Free Business Security Services (WFBSS) SaaS client version (affected versions not specified). Description: The issue is related to an uncontrolled search path vulnerability in the WFBSS agent, which could allow an attacker with...