118 matches found
CVE-2025-64157
A use of externally-controlled format string vulnerability in Fortinet FortiOS 7.6.0 through 7.6.4, FortiOS 7.4.0 through 7.4.9, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0 all versions allows an authenticated admin to execute unauthorized code or commands via specifically crafted configuration...
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')
Overview craftcms/cms is a content management system. Affected versions of this package are vulnerable to Use of Externally-Controlled Input to Select Classes or Code 'Unsafe Reflection' via the assembleLayoutFromPost function. An attacker can execute arbitrary system commands on the server by...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2025-53591)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2025-53407)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to obtain secret data or modify memory. We have already fixed the vulnerabili...
Smb4K 安全漏洞
Smb4K is a KDE open source online neighborhood browser. A security vulnerability exists in Smb4K versions prior to 4.0.5 that originates from external control of filenames or paths and could lead to a local user performing a local root attack...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50397)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to obtain secret data or modify memory. We have already fixed the vulnerability i...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50403)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
Qnap QTS and QuTS hero Use of Externally-Controlled Format String (CVE-2024-50401)
A use of externally-controlled format string vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to obtain secret data or modify memory. We have already fixed the...
OpenText Flipper 安全漏洞
OpenText Flipper is a vendor self-submission invoice portal extension package from OpenText Canada. A security vulnerability exists in OpenText Flipper version 3.1.2 that originates from an externally controlled filename or path and could lead to a path traversal attack...
EUVD-2018-4445
Malware in sbrugna...
EUVD-2025-29618
Malicious code in bioql PyPI...
EUVD-2024-38055
Malicious code in bioql PyPI...
EUVD-2022-7269
Malicious code in bioql PyPI...
EUVD-2024-41441
Malicious code in bioql PyPI...
EUVD-2024-45079
Malicious code in bioql PyPI...
EUVD-2024-45081
Malicious code in bioql PyPI...
EUVD-2024-21344
Malicious code in bioql PyPI...
EUVD-2023-25588
Malicious code in bioql PyPI...
EUVD-2024-54211
Malicious code in bioql PyPI...
CVE-2025-8057
Authorization Bypass Through User-Controlled Key, Externally Controlled Reference to a Resource in Another Sphere, Improper Authorization vulnerability in Patika Global Technologies HumanSuite allows Exploiting Trust in Client. This issue affects HumanSuite: before 53.21.0...