MedDream PACS Premium security vulnerability

MedDream PACS Premium is an enterprise-level image storage and management server suite developed by MedDream Corporation. Version 7.3.6.870 of MedDream PACS Premium contains a security vulnerability. This vulnerability stems from a reflective cross-site scripting vulnerability in the modifyHL7Rou...

CVE-2023-43960

An issue in DLINK DPH-400SE FRU 2.2.15.8 allows a remote attacker to escalate privileges via the User Modify function in the Maintenance/Access function component...

GHSA-M9RG-MR6G-75GM `vega-functions` vulnerable to Cross-site Scripting via `setdata` function

Impact For sites that allow users to supply untrusted user input, malicious use of an internal function not part of the public API could be used to run unintentional javascript XSS. Patches Fixed in vega-functions 6.1.1 Workarounds There is no workaround besides upgrading. Using...

Cross-site Scripting (XSS)

Overview org.webjars.npm:vega-functions is a Custom functions for the Vega expression language. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the internal modify function used by setdata. An attacker can execute arbitrary JavaScript in the context of the...

`vega-functions` vulnerable to Cross-site Scripting via `setdata` function

Impact For sites that allow users to supply untrusted user input, malicious use of an internal function not part of the public API could be used to run unintentional javascript XSS. Patches Fixed in vega-functions 6.1.1 Workarounds There is no workaround besides upgrading. Using...

EUVD-2020-14172

Malware in sbrugna...

EUVD-2023-48320

Malicious code in bioql PyPI...

PT-2025-14313 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the vma modify function. The issue occurs when a merge attempt fails due to an out-of-memory error, causing the vmg...

CVE-2023-43960

An issue in DLINK DPH-400SE FRU 2.2.15.8 allows a remote attacker to escalate privileges via the User Modify function in the Maintenance/Access function component...

CVE-2023-43960

An issue in DLINK DPH-400SE FRU 2.2.15.8 allows a remote attacker to escalate privileges via the User Modify function in the Maintenance/Access function component...

CVE-2023-43960

An issue in DLINK DPH-400SE FRU 2.2.15.8 allows a remote attacker to escalate privileges via the User Modify function in the Maintenance/Access function component...

Design/Logic Flaw

An issue in DLINK DPH-400SE FRU 2.2.15.8 allows a remote attacker to escalate privileges via the User Modify function in the Maintenance/Access function component...

CVE-2023-43960

An issue in DLINK DPH-400SE FRU 2.2.15.8 allows a remote attacker to escalate privileges via the User Modify function in the Maintenance/Access function component...

PHPMyWind SQL Injection Vulnerability (CNVD-2023-64090)

PHPMyWind is a set of PHP and MySQL-based and W3C-compliant enterprise website building solutions. A SQL injection vulnerability exists in PHPMyWind v.5.6, which can be exploited by remote attackers to execute arbitrary code via the id variable in the modify function...

CVE-2020-21400

SQL injection vulnerability in gaozhifeng PHPMyWind v.5.6 allows a remote attacker to execute arbitrary code via the id variable in the modify function...

Sql injection

SQL injection vulnerability in gaozhifeng PHPMyWind v.5.6 allows a remote attacker to execute arbitrary code via the id variable in the modify function...

PHPMyWind SQL注入漏洞

PHPMyWind is a set of PHP and MySQL-based and W3C-compliant enterprise website building solutions. A SQL injection vulnerability exists in PHPMyWind v.5.6, which can be exploited by remote attackers to execute arbitrary code via the id variable in the modify function...

UpdateReward Modifier is brickable

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The private variable RewardTokens is an unbounded list of addresses that the modifier updateReward loops over and updates the state variable rewardTokenInfo. The gas consumption can become increasingly...