CVE-2021-31484
This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
EUVD-2019-17119
Malware in sbrugna...
EUVD-2016-2320
Malware in sbrugna...
EUVD-2005-2287
Malware in sbrugna...
EUVD-2020-2960
Malware in sbrugna...
EUVD-2011-3626
Malware in sbrugna...
EUVD-2023-23803
Malicious code in bioql PyPI...
EUVD-2022-2429
Malicious code in bioql PyPI...
EUVD-2024-46623
Malicious code in bioql PyPI...
EUVD-2025-15538
Malicious code in bioql PyPI...
EUVD-2025-18990
Malicious code in bioql PyPI...
EUVD-2025-11509
Malicious code in bioql PyPI...
CISA Adds PaperCut NG/MF CSRF Vulnerability to KEV Catalog Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security vulnerability impacting PaperCut NG/MF print management software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, tracke...
CVE-2025-6915
A vulnerability, which was classified as critical, has been found in PHPGurukul Student Record System 3.2. Affected by this issue is some unknown functionality of the file /register.php. The manipulation of the argument session leads to SQL injection. The attack may be launched remotely. The...
pyspur Incomplete Filtering of Special Elements allowed by SingleLLMCallNode function
A vulnerability was found in PySpur-Dev pyspur up to 0.1.18. It has been classified as critical. Affected is the function SingleLLMCallNode of the file backend/pyspur/nodes/llm/singlellmcall.py of the component Jinja2 Template Handler. The manipulation of the argument usermessage leads to imprope...
CVE-2025-6276 Brilliance Golden Link Secondary System rentTakeInfoPage.htm sql injection
A vulnerability was found in Brilliance Golden Link Secondary System up to 20250609. It has been rated as critical. Affected by this issue is some unknown functionality of the file /storagework/rentTakeInfoPage.htm. The manipulation of the argument custTradeName leads to SQL injection. The attack...
CVE-2025-5321 aimhubio aim run_view Object query.py RestrictedPythonQuery privilege escalation
A vulnerability classified as critical was found in aimhubio aim up to 3.29.1. This vulnerability affects the function RestrictedPythonQuery of the file /aim/storage/query.py of the component runview Object Handler. The manipulation of the argument query leads to privilege escalation. The attack c...
CVE-2024-10503
A vulnerability was found in Klokan MapTiler tileserver-gl 2.3.1 and classified as problematic. This issue affects some unknown processing of the component URL Handler. The manipulation of the argument key leads to cross-site scripting. The attack may be initiated remotely. The exploit has been...
CVE-2024-13140
A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.3. Affected is an unknown function of the file /admin/article.php?action=uploadcover of the component Cover Upload Handler. The manipulation of the argument image leads to cross-site scripting. It is possible to launc...
CVE-2025-4488
CVE-2025-4488 affects itsourcecode Gym Management System 1.0. Affected component: /ajax.php?action=delete_package; vulnerability arises from manipulating the ID parameter, enabling SQL injection. Exploitation is possible remotely and is described as critical. Multiple connected sources corroborat...