9 matches found
EUVD-2016-1551
Malware in sbrugna...
EUVD-2021-9943
Malicious code in bioql PyPI...
EUVD-2022-4433
Malicious code in bioql PyPI...
PT-2025-31581
Name of the Vulnerable Software and Affected Versions RSA Archer version 6.11.00204.10014 Description An issue was discovered that allows attackers to execute arbitrary code via crafted system inputs. These inputs are exported into a CSV file, and execution occurs after a user opens the file with...
CVE-2025-54120
The CVE-2025-54120 vulnerability affects PCL (Plain Craft Launcher) Community Edition, specifically versions 2.12.0-beta.5 through 2.12.0-beta.9. During the third‑party login flow, credentials are inadvertently written to the local log file. While the log file isn’t automatically uploaded, leakag...
CVE-2019-1003066
Jenkins Bugzilla Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...
CVE-2017-9030
The Codextrous B2J Contact aka b2jcontact extension before 2.1.13 for Joomla! allows a directory traversal attack that bypasses a uniqid protection mechanism, and makes it easier to read arbitrary uploaded files...
CVE-2004-2718
PHPMyChat 0.14.5 does not remove or protect setup.php3 after installation, which allows attackers to obtain sensitive information including database passwords via a direct request...
CVE-2012-2652
The bdrvopen function in Qemu 1.0 does not properly handle the failure of the mkstemp function, when in snapshot node, which allows local users to overwrite or read arbitrary files via a symlink attack on an unspecified temporary file...