CVE-2023-54081 xen: speed up grant-table reclaim

In the Linux kernel, the following vulnerability has been resolved: xen: speed up grant-table reclaim When a grant entry is still in use by the remote domain, Linux must put it on a deferred list. Normally, this list is very short, because the PV network and block protocols expect the backend to...

CVE-2023-54081 xen: speed up grant-table reclaim

In the Linux kernel, the following vulnerability has been resolved: xen: speed up grant-table reclaim When a grant entry is still in use by the remote domain, Linux must put it on a deferred list. Normally, this list is very short, because the PV network and block protocols expect the backend to...

CVE-2025-65026 esm.sh CDN service has JS Template Literal Injection in CSS-to-JavaScript

esm.sh is a nobuild content delivery networkCDN for modern web development. Prior to version 136, The esm.sh CDN service contains a Template Literal Injection vulnerability CWE-94 in its CSS-to-JavaScript module conversion feature. When a CSS file is requested with the ?module query parameter,...

PT-2025-45365

SuiteCRM versions prior to 7.12.6 contain a type confusion vulnerability within the processing of the ‘module’ parameter within the ‘deleteAttachment’ functionality. Successful exploitation allows remote unauthenticated attackers to alter database objects including changing the email address of t...

EUVD-2008-3182

Malware in sbrugna...

EUVD-2005-0310

Malware in sbrugna...

EUVD-2021-14070

Malware in sbrugna...

EUVD-2025-27770

Malicious code in bioql PyPI...

EUVD-2022-48090

Malicious code in bioql PyPI...

CVE-2025-57058

Tenda G3 v3.0brV15.11.0.17 was discovered to contain multiple stack overflows in the formSetDebugCfg function via the pEnable, pLevel, and pModule parameters. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-57058

Affected software: Tenda G3 (v3.0br_V15.11.0.17). Vulnerability: stack overflow in the formSetDebugCfg function, exploitable via the pEnable, pLevel, and pModule parameters. Impact: Denial of Service (DoS) via a crafted request. Notes: Multiple connected documents confirm the function and paramet...

CVE-2025-30055

The "system" function receives untrusted input from the user. If the "EnableJSCaching" option is enabled, it is possible to execute arbitrary code provided as the "Module" parameter...

CVE-2025-30055

The "system" function receives untrusted input from the user. If the "EnableJSCaching" option is enabled, it is possible to execute arbitrary code provided as the "Module" parameter...

CVE-2025-30055 Conditional RCE via the "system" function

The "system" function receives untrusted input from the user. If the "EnableJSCaching" option is enabled, it is possible to execute arbitrary code provided as the "Module" parameter...

CVE-2025-30055

Technical details are not publicly available in the provided documents. Monitor for updates.

CVE-2025-30055 Conditional RCE via the "system" function

The "system" function receives untrusted input from the user. If the "EnableJSCaching" option is enabled, it is possible to execute arbitrary code provided as the "Module" parameter...

PT-2025-34850 · Cgm · Cgm Clininet

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: The system function is susceptible to accepting untrusted input from a user. When the EnableJSCaching option is enabled, it becomes possible to execute...

No Boss Calendar SQL注入漏洞

No Boss Calendar is a Joomla calendar plugin from Brazilian company No Boss. A SQL injection vulnerability exists in No Boss Calendar versions prior to 5.0.7, which stems from an SQL injection in the idmodule parameter...

CVE-2022-1504

XSS in /demo/module/?module=HERE in GitHub repository microweber/microweber prior to 1.2.15. Typical impact of XSS attacks...

CVE-2022-45182

Pi-StarDVDash for Pi-Star DV before 5aa194d mishandles the module parameter...