EUVD-2017-2547

Malware in sbrugna...

EUVD-2016-8752

Malware in sbrugna...

EUVD-2007-3244

Malware in sbrugna...

EUVD-2011-4033

Malware in sbrugna...

EUVD-2015-7714

Malware in sbrugna...

EUVD-2014-8942

Malware in sbrugna...

EUVD-2016-7223

Malware in sbrugna...

EUVD-2020-9391

Malware in sbrugna...

EUVD-2009-0122

Malware in sbrugna...

EUVD-2017-18694

Malware in sbrugna...

EUVD-2008-5516

Malware in sbrugna...

EUVD-2003-0823

Malware in sbrugna...

EUVD-2006-0895

Malware in sbrugna...

EUVD-2023-0544

Malicious code in bioql PyPI...

EUVD-2025-6938

Malicious code in bioql PyPI...

EUVD-2024-1586

Malicious code in bioql PyPI...

Server-Side Request Forgery (SSRF)

Next.js is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to the improper use of the next function without explicitly passing the request object, which allows an attacker to exploit incorrectly forwarded user-supplied headers in self-hosted applications...

CVE-2025-32094

An issue was discovered in Akamai Ghost, as used for the Akamai CDN platform before 2025-03-26. Under certain circumstances, a client making an HTTP/1.x OPTIONS request with an "Expect: 100-continue" header, and using obsolete line folding, can lead to a discrepancy in how two in-path Akamai...

CVE-2024-43009

A reflected cross-site scripting XSS vulnerability exists in user/login.php at line 24 in ZZCMS 2023 and earlier. The application directly inserts the value of the HTTPREFERER header into the HTML response without proper sanitization. An attacker can exploit this vulnerability by tricking a user...

CVE-2022-29933

Craft CMS through 3.7.36 allows a remote unauthenticated attacker, who knows at least one valid username, to reset the account's password and take over the account by providing a crafted HTTP header to the application while using the password reset functionality. Specifically, the attacker must...