infosec-notebook

infosec-notebook Personal cybersecurity notes and references...

CVE-2019-2723

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

EUVD-2017-10712

Malware in sbrugna...

EUVD-2019-4545

Malware in sbrugna...

EUVD-2020-4708

Malware in sbrugna...

EUVD-2014-8386

Malware in sbrugna...

EUVD-2021-2294

Malware in sbrugna...

EUVD-2018-18600

Malware in sbrugna...

EUVD-2023-39393

Malicious code in bioql PyPI...

EUVD-2024-36674

Malicious code in bioql PyPI...

EUVD-2022-1690

Malicious code in bioql PyPI...

EUVD-2025-2898

Malicious code in bioql PyPI...

EUVD-2025-21296

Malicious code in bioql PyPI...

EUVD-2025-9960

Malicious code in bioql PyPI...

EUVD-2023-0281

Malicious code in bioql PyPI...

EUVD-2022-39351

Malicious code in bioql PyPI...

CVE-2025-52690

Successful exploitation of the vulnerability could allow an attacker to execute arbitrary commands as root, potentially leading to the loss of confidentiality, integrity, availability, and full control of the access point...

Open Redirect

urllib3 is vulnerable to Open Redirect. The vulnerability is due to urllib3 not properly controlling redirect behavior when used in Pyodide environments, which allows an attacker to exploit browser or Node.js runtime redirect handling, potentially bypassing expected security mechanisms...

CVE-2025-53023

CVE-2025-53023 is a MySQL Server vulnerability in the replication component. Affected are MySQL 8.0.0–8.0.42. The issue allows a high-privileged attacker with network access via multiple protocols to cause a hang or a frequent crash (DOS) of MySQL Server. The CVSS v3.1 base score is 4.9 (Availabi...

CVE-2025-6872

A vulnerability classified as critical was found in SourceCodester Simple Company Website 1.0. This vulnerability affects unknown code of the file /classes/SystemSettings.php?f=updatesettings. The manipulation of the argument img leads to unrestricted upload. The attack can be initiated remotely...