EUVD-2021-9477

Malicious code in bioql PyPI...

EUVD-2021-29303

Malicious code in bioql PyPI...

EUVD-2025-11808

Malicious code in bioql PyPI...

EUVD-2023-52563

Malicious code in bioql PyPI...

EUVD-2025-28018

Malicious code in bioql PyPI...

EUVD-2024-23339

Malicious code in bioql PyPI...

EUVD-2023-36000

Malicious code in bioql PyPI...

EUVD-2025-17967

Malicious code in bioql PyPI...

EUVD-2023-1348

Malicious code in bioql PyPI...

EUVD-2024-35901

Malicious code in bioql PyPI...

EUVD-2023-52591

Malicious code in bioql PyPI...

EUVD-2023-49533

Malicious code in bioql PyPI...

EUVD-2022-5111

Malicious code in bioql PyPI...

EUVD-2025-26073

Malicious code in bioql PyPI...

CVE-2025-61599 Emlog is Vulnerable to Stored Cross-Site Scripting (XSS) in "Twitter" Feature via Markdown Input

Emlog is an open source website building system. A stored Cross-Site Scripting XSS vulnerability exists in the "Twitter"feature of EMLOG Pro 2.5.21 and below. An authenticated user with privileges to post a "Twitter" message can inject arbitrary JavaScript code. The malicious script is stored on...

PT-2025-40461

Name of the Vulnerable Software and Affected Versions Emlog Pro versions 2.5.21 and below Description A stored Cross-Site Scripting XSS issue exists in the "Twitter" feature. An authenticated user with posting privileges can inject arbitrary JavaScript code. The malicious script is stored on the...

PT-2025-40451

Name of the Vulnerable Software and Affected Versions Yoast SEO Premium plugin for WordPress versions 25.7 through 25.9 Description The software is susceptible to a Stored Cross-Site Scripting issue stemming from a flawed regular expression used to remove an attribute within post content. This fl...

Splunk Enterprise 9.2.0 < 9.2.8, 9.3.0 < 9.3.6, 9.4.0 < 9.4.4 (SVD-2025-1003)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-1003 advisory. - In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108,...

CVE-2025-57877

There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the browser...

CVE-2025-57424

A stored cross-site scripting XSS vulnerability exists in the MyCourts v3 application within the LTA number profile field. An attacker can insert arbitrary JavaScript into their profile, which executes in the browser of any user viewing it, including administrators. Due to the absence of the...