765 matches found
EUVD-2025-21810
Malicious code in bioql PyPI...
EUVD-2024-18212
Malicious code in bioql PyPI...
EUVD-2024-49456
Malicious code in bioql PyPI...
EUVD-2022-51007
Malicious code in bioql PyPI...
EUVD-2025-21813
Malicious code in bioql PyPI...
EUVD-2024-21078
Malicious code in bioql PyPI...
EUVD-2024-18122
Malicious code in bioql PyPI...
EUVD-2024-27673
Malicious code in bioql PyPI...
EUVD-2025-30795
Malicious code in bioql PyPI...
CVE-2025-24525
Keysight Ixia Vision has an issue with hardcoded cryptographic material which may allow an attacker to intercept or decrypt payloads sent to the device via API calls or user authentication if the end user does not replace the TLS certificate that shipped with the device. Remediation is available ...
Missing Encryption of Sensitive Data
Overview Affected versions of this package are vulnerable to Missing Encryption of Sensitive Data via the DownloadTinyFile function. An attacker can intercept and modify file downloads by performing a man-in-the-middle attack on network traffic, potentially causing peers to receive malicious file...
Embedded Malicious Code
Overview duckdb is a Node.js API for DuckDB, the "SQLite for Analytics". The API for this client is somewhat compliant to the SQLite Node.js client for easier transition and transition you must eventually. Affected versions of this package are vulnerable to Embedded Malicious Code. This package...
Embedded Malicious Code
Overview proto-tinker-wc is a prototype app written in Stencil and Tailwind, deployed via NPM and Vercel. Affected versions of this package are vulnerable to Embedded Malicious Code. This package version contains malicious code that monitors network traffic when run in a browser and targets crypt...
CVE-2025-55443
Telpo MDM 1.4.6 thru 1.4.9 for Android contains sensitive administrator credentials and MQTT server connection details IP/port that are stored in plaintext within log files on the device's external storage. This allows attackers with access to these logs to: 1. Authenticate to the MDM web platfor...
Linux Distros Unpatched Vulnerability : CVE-2003-1307
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The modphp module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the...
PT-2025-33277 · Unknown · Runtime Event System
Name of the Vulnerable Software and Affected Versions: runtime event system affected versions not specified Description: A security issue in the runtime event system allows unauthenticated connections to receive a reusable API token. This token is broadcasted over a WebSocket and can be intercept...
Realistic Vulnerabilities of Decoy-State Quantum Key Distribution
We analyze realistic vulnerabilities of decoy-state quantum key distribution QKD arising from the combination of laser damage attack LDA and unambiguous state discrimination USD. While decoy-state QKD is designed to protect against photon-number-splitting and beam-splitting attacks by accurately...
CVE-2025-7433
A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption 2025.1 and older allows arbitrary code execution...
CVE-2024-13972
A vulnerability related to registry permissions in the Intercept X for Windows updater prior to Core Agent version 2024.3.2 can lead to a local user gaining SYSTEM level privileges during a product upgrade...
CVE-2025-7472
A local privilege escalation vulnerability in the Intercept X for Windows installer prior version 1.22 can lead to a local user gaining system level privileges, if the installer is run as SYSTEM...