13 matches found
CVE-2019-18342
A vulnerability has been identified in Control Center Server (CCS), All versions V1.5.0. The SFTP service (default port 22/tcp) of the Control Center Server (CCS) does not properly limit its capabilities to the specified purpose. In conjunction with CVE-2019-18341, an unauthenticated remote attacker wit...
EUVD-2017-7191
Malware in sbrugna...
EUVD-2021-2392
Malware in sbrugna...
EUVD-2024-17541
Malicious code in bioql PyPI...
CVE-2025-51045
Summary: CVE-2025-51045 affects Phpgurukul Pre-School Enrollment System 1.0. The vulnerability is a SQL injection in the /admin/password-recovery.php endpoint caused by insufficient validation of the username parameter. The CVSS v3.1 base score is 6.5 (Medium) with network attack vector, low com...
CVE-2023-22719
Improper Neutralization of Formula Elements in a CSV File vulnerability in GiveWP. This issue affects GiveWP: from n/a through 2.25.1...
CVE-2020-14515
CodeMeter All versions prior to 6.90 when using CmActLicense update files with CmActLicense Firm Code has an issue in the license-file signature checking mechanism, which allows attackers to build arbitrary license files, including forging a valid license file as if it were a valid license file o...
CVE-2025-31334
Issue that bypasses the "Mark of the Web" security warning function for files when opening a symbolic link that points to an executable file exists in WinRAR versions prior to 7.11. If a symbolic link specially crafted by an attacker is opened on the affected product, arbitrary code may be execut...
LangChain < 0.2.5 Arbitrary File Write
The version of LangChain installed on the remote host is prior to 0.2.5. It is, therefore, affected by a path traversal vulnerability which exists in the getFullPath method. This vulnerability allows attackers to save files anywhere in the filesystem, overwrite existing text files, read .txt file...
CVE-2024-0864 RCE in Laragon
Enabling the Simple Ajax Uploader plugin included in Laragon open-source software allows for a remote code execution (RCE) attack via improper input validation in a fileupload.php file which serves as an example. By default, Laragon is not vulnerable until a user decides to use the aforementioned...
CVE-2022-4298 Wholesale Market < 2.2.1 - Unauthenticated Arbitrary File Download
The Wholesale Market WordPress plugin before 2.2.1 does not have an authorisation check and does not validate user input used to generate a system path, allowing unauthenticated attackers to download arbitrary files from the server...
PT-2022-25806 · Autodesk · Designreview.Exe
Name of the Vulnerable Software and Affected Versions: DesignReview.exe (affected versions not specified). Description: A maliciously crafted PCT file consumed through the DesignReview.exe application could lead to memory corruption by write access violation. This issue, in conjunction with other...
Solaris 2.x/7.0/8 - Catman Race Condition (2)
Solaris 2.x/7.0/8 - Catman Race Condition (2). Source: https://www.securityfocus.com/bid/2149/info catman is a utility for creating preformatted man pages, distributed as part of the Solaris Operating Environment. A problem exists which could allow local users to overwrite or corrupt files owned by...