Insecure Despite Proven Updated: Extracting the Root VCEK Seed on EPYC Milan Via a Software-Only Attack

In the official whitepaper of Secure Encrypted Virtualization with Secure Nested Paging SEV-SNP, AMD explicitly emphasizes the capability to prevent Trusted Computing Base TCB rollback attacks. Cryptographically, this is realized by signing attestation reports with the Versioned Chip Endorsement...

EUVD-2022-55678

DBLTek GoIP-1 firmware versions up to and including GHSFVT-1.1-67-5 contain a local file inclusion vulnerability. The device's web server exposes handlers frame.html and frame.A100.html that accept a path parameter content or sidebar which is not properly validated or canonicalized. An attacker c...

PT-2025-40663

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where TX/RX callback handlers ntb netdev tx handler, ntb netdev rx handler can be called in interrupt context via the DMA framework. This can occur whe...

EUVD-2025-30658

Malicious code in bioql PyPI...

EUVD-2023-36363

Malicious code in bioql PyPI...

EUVD-2023-44917

Malicious code in bioql PyPI...

CVE-2025-58002

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Milan Petrovic GD bbPress Tools gd-bbpress-tools allows DOM-Based XSS.This issue affects GD bbPress Tools: from n/a through = 3.5.3...

CVE-2025-58002

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Milan Petrovic GD bbPress Tools gd-bbpress-tools allows DOM-Based XSS.This issue affects GD bbPress Tools: from n/a through = 3.5.3...

PT-2025-38852

Name of the Vulnerable Software and Affected Versions GD bbPress Tools versions through 3.5.3 Description The software contains a flaw related to improper input handling during web page generation, leading to a potential Cross-site Scripting XSS issue. Specifically, the issue is a DOM-Based XSS...

CVE-2023-32095

Improper Control of Generation of Code 'Code Injection' vulnerability in Milan Dinić Rename Media Files.This issue affects Rename Media Files: from n/a through 1.0.1...

milan-spiele.de Cross Site Scripting vulnerability OBB-4043351

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2024-38709

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Milan Petrovic GD Rating System allows PHP Local File Inclusion.This issue affects GD Rating System: from n/a through 3.6...

CVE-2024-25093

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Milan Petrovic GD Rating System allows Stored XSS.This issue affects GD Rating System: from n/a through 3.5...

CVE-2024-25093

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Milan Petrovic GD Rating System allows Stored XSS.This issue affects GD Rating System: from n/a through 3.5...

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Milan Petrovic GD Rating System allows Stored XSS.This issue affects GD Rating System: from n/a through 3.5...

CVE-2024-25093

The CVE-2024-25093 is a stored XSS in the WordPress GD Rating System plugin

CVE-2024-25093 WordPress GD Rating System Plugin <= 3.5 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Milan Petrovic GD Rating System allows Stored XSS.This issue affects GD Rating System: from n/a through 3.5...

CVE-2023-32095

Improper Control of Generation of Code 'Code Injection' vulnerability in Milan Dinić Rename Media Files.This issue affects Rename Media Files: from n/a through 1.0.1...

CVE-2023-32095 WordPress Rename Media Files Plugin <= 1.0.1 is vulnerable to Remote Code Execution (RCE)

Improper Control of Generation of Code 'Code Injection' vulnerability in Milan Dinić Rename Media Files.This issue affects Rename Media Files: from n/a through 1.0.1...

CVE-2023-32095 WordPress Rename Media Files Plugin <= 1.0.1 is vulnerable to Remote Code Execution (RCE)

Improper Control of Generation of Code 'Code Injection' vulnerability in Milan Dinić Rename Media Files.This issue affects Rename Media Files: from n/a through 1.0.1...