CVE-2025-66118 WordPress Sprout Clients plugin <= 3.2.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BoldGrid Sprout Clients sprout-clients allows Reflected XSS.This issue affects Sprout Clients: from n/a through = 3.2.1...

EUVD-2020-23727

Malware in sbrugna...

EUVD-2024-26789

Malicious code in bioql PyPI...

DEBIAN-CVE-2025-11149

This affects all versions of the package node-static; all versions of the package @nubosoftware/node-static. The package fails to catch an exception when user input includes null bytes. This allows attackers to access http://host/%00 and crash the server...

USN-7537-1: net-tools vulnerability

It was discovered that net-tools incorrectly handled certain inputs. An attacker could possible use this issue to cause a crash or execute arbitrary code...

Stack Overflow

github.com/rancher/rancher is vulnerable to Stack Overflow. The vulnerability is due to improper input handling in Rancher’s /v3-public/authproviders API endpoint, which allows a malicious user to trigger a stack overflow, leading to a crash and denial of service DoS...

Tenda AC6 sub_452A4 function buffer overflow vulnerability

The Tenda AC6 is a wireless router from the Chinese company Tenda. The Tenda AC6 suffers from a buffer overflow vulnerability that originates from a boundary error in the sub452A4 function when handling untrusted input. No detailed vulnerability details are provided at this time...

AudioCodes One Voice Operations Center 安全漏洞

AudioCodes One Voice Operations Center AudioCodes OVOC is a web-based voice network management solution from AudioCodes, Inc. A security vulnerability exists in AudioCodes One Voice Operations Center OVOC versions prior to 8.4.582, which stems from improper neutralization of inputs via the device...

Tenda AX1803 setSchedWifi function buffer overflow vulnerability

Tenda AX1803 is a dual-band Gigabit WIFI6 router from Tenda China. A buffer overflow vulnerability exists in the Tenda AX1803 v1.0.0.1, which originates from a boundary error when the application handles untrusted input. The vulnerability can be exploited by an attacker to execute arbitrary code...

PT-2023-3078 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in handling input data in the implementation of the Pragmatic General Multicast PGM protocol in Windows. This can allow a remote attacker to execute arbitrary...

CVE-2013-2807

CVE-2013-2807 affects Rockwell Automation RSLinx Enterprise (LogReceiver.exe) across CPR9 to CPR9-SR6. The vulnerability stems from improper input handling for the Record Data Size field, enabling an oversized Datagram on UDP port 4444 that causes the service to undersize Total Record Size, trigg...

WordPress Plugin Eventify - Simple Events 1.7.f SQL Injection

WordPress Plugin Eventify - Simple Events 1.7.f SQL Injection Exploit Title: WordPress Eventify - Simple Events plugin getresults$qry;...