12 matches found
CVEs with a CVSS Score Greater Than or Equal to 9
Critical vulnerabilities with Common Vulnerability Scoring System scores of 9.0 or higher pose severe risks to organisations' information systems. Timely detection and remediation are essential to minimise economic and reputational damage from cyberattacks. This paper provides a thorough analysis...
GHSA-V38P-MQQ3-M6V5 vulnerabilities
Vulnerabilities for packages: keycloak...
EUVD-2017-8068
Malware in sbrugna...
CVE-2025-47652
CVE-2025-47652 concerns Infility Global plugin for WordPress (versions up to 2.13.4). The issue is a Reflected Cross-Site Scripting (XSS) due to improper neutralization of input during web page generation. The CVSS v3.1 base score is 7.1 (High) with NETWORK attack vector, LOW impact on confidenti...
GHSA-MHJ8-JFHF-MCW9
creationtimestamp | type | source
---|---|---
2025-06-30 21:09:25+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/19977...
The Rising Cost of Vulnerable APIs and Bot Attacks – A $186 Billion Wake-Up Call for Businesses
How much do bot attacks and API insecurity cost organizations? To answer these questions, Imperva engaged the Marsh McLennan Cyber Risk Intelligence Center to analyze incident data related to vulnerable APIs and bot attacks. Imperva’s latest report, “The Economic Impact of API and Bot Attacks,”...
CVE-2022-46456
NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /output/outdbg.c...
User may be blocked from market withdrawal for extended period of time
Lines of code Vulnerability details Impact WithdrawalHook::lastUserPeriodReset is global for all users, which means that each time that lastUserPeriodReset + userPeriodLength it'is able to block user from withdrawal', async = let previousResetTimestamp = await getLastTimestampethers.provider //...
CVE-2017-17531
gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...
CVE-2017-16898
The printMP3Headers function in util/listmp3.c in libming v0.4.8 or earlier is vulnerable to a global buffer overflow, which may allow attackers to cause a denial of service via a crafted file, a different vulnerability than CVE-2016-9264...
Global Reflective XSS Vulnerability in Qibo News Media System
Qibo news media system is a web content management system developed in PHP by the Qibo software company specifically for news sites. It provides an integrated media-site solution covering content release, organization, dissemination, interaction and data mining. Qibo News Med...
Hole in Global
Insufficient parsing of shell metacharacters in a CGI script allows command execution on the server...