493 matches found
EUVD-2025-19410
Malicious code in bioql PyPI...
EUVD-2023-3049
Malicious code in bioql PyPI...
EUVD-2024-46318
Malicious code in bioql PyPI...
EUVD-2022-1433
Malicious code in bioql PyPI...
EUVD-2023-2868
Malicious code in bioql PyPI...
EUVD-2025-12520
Malicious code in bioql PyPI...
EUVD-2024-54487
Malicious code in bioql PyPI...
EUVD-2024-19396
Malicious code in bioql PyPI...
EUVD-2025-12519
Malicious code in bioql PyPI...
CVE-2025-7691 Privilege Defined With Unsafe Actions in GitLab
A privilege escalation issue has been discovered in GitLab EE affecting all versions from 16.6 prior to 18.2.7, 18.3 prior to 18.3.3, and 18.4 prior to 18.4.1 that could have allowed a developer with specific group management permissions to escalate their privileges and obtain unauthorized access...
CVE-2025-43953
In 2wcom IP-4c 2.16, the web interface allows admin and manager users to execute arbitrary code as root via a ping or traceroute field on the TCP/IP screen...
CVE-2025-26515
StorageGRID formerly StorageGRID Webscale versions prior to 11.8.0.15 and 11.9.0.8 without Single Sign-on enabled are susceptible to a Server-Side Request Forgery SSRF vulnerability. Successful exploit could allow an unauthenticated attacker to change the password of any Grid Manager or Tenant...
CVE-2025-10142
The PagBank / PagSeguro Connect para WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'status' parameter in all versions up to, and including, 4.44.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. Th...
Access API Moves to Spring Security Access
Five years ago, Spring Security began the journey of modernizing its authorization API. This has paved the way for a number of exciting features like Authorized POJOs, value masking, and, planned for Spring Security 7, Multi-Factor Authentication. This also deprecated the majority of the Access...
Linux Distros Unpatched Vulnerability : CVE-2023-5539
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A remote code execution risk was identified in the Lesson activity. By default this was only available to teachers and managers. CVE-2023-5539 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2023-28329
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of profile field availability condition resulted in an SQL injection risk by default only available to teachers and managers...
RHEL 8 : libarchive (RHSA-2025:14810)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:14810 advisory. The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM...
Linux Distros Unpatched Vulnerability : CVE-2023-51448
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection SQLi vulnerability within the SNMP Notificatio...
SUSE SLED15 / SLES15 Security Update : python-urllib3 (SUSE-SU-2025:02985-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:02985-1 advisory. - CVE-2025-50181: Pool managers now properly control redirects when retries is passed. bsc1244925 Tenable has extracte...
SUSE-SU-2025:02985-1 Security update for python-urllib3
This update for python-urllib3 fixes the following issues: - CVE-2025-50181: Pool managers now properly control redirects when retries is passed. bsc1244925...