545 matches found
CVE-2026-12207
A security flaw has been discovered in medkey-org medkey up to fc09b7ba9441ff590b72d428d5380834216b09ed. Impacted is the function actionGetPatientById of the file app\modules\medical\port\rest\controllers\PatientController.php of the component HTTP REST API. The manipulation of the argument ID...
CVE-2026-5315
A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbttbufget8 in the library stbtruetype.h of the component TTF File Handler. Executing a manipulation can lead to out-of-bounds read. The attack can be executed remotely. The exploit has been publicly...
CVE-2025-5319
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Emit Informatics and Communication Technologies Industry and Trade Ltd. Co. DIGITA Efficiency Management System allows SQL Injection. This issue affects DIGITA Efficiency Management System: through...
EUVD-2025-206660
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Kod8 Software Technologies Trade Ltd. Co. Kod8 Individual and SME Website allows Reflected XSS.This issue affects Kod8 Individual and SME Website: through 03022026. NOTE: The vendor was...
CVE-2025-1354
A cross-site scripting XSS vulnerability in the RT-N10E/ RT-N12E 2.0.0.x firmware . This vulnerability caused by improper input validation and can be triggered via the manipulation of the SSID argument in the sysinfo.asp file, leading to disclosure of sensitive information. Note: All versions of...
CVE-2024-2497
A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified as critical. This issue affects some unknown processing of the file includes/provider.php of the component HTTP POST Request Handler. The manipulation of the argument country leads to code injection. The attack may be initiate...
CVE-2024-2817
A vulnerability, which was classified as problematic, has been found in Tenda AC15 15.03.05.18. Affected by this issue is the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploi...
CVE-2024-2532
A vulnerability classified as critical was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/update-users.php. The manipulation of the argument id leads to sql injection. The attack can be launched...
CVE-2025-15414 go-sonic Theme Fetching API git_fetcher.go FetchTheme server-side request forgery
A flaw has been found in go-sonic sonic up to 1.1.4. The affected element is the function FetchTheme of the file service/theme/gitfetcher.go of the component Theme Fetching API. Executing a manipulation of the argument uri can lead to server-side request forgery. The attack may be launched...
CVE-2025-13799
A vulnerability has been found in ADSLR NBR1005GPEV2 250814-r037c. This vulnerability affects the function apmacfilterdel of the file /sendorder.cgi. The manipulation of the argument mac leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to...
CVE-2025-11903
A flaw has been found in yanyutao0402 ChanCMS up to 3.3.2. Affected by this issue is the function update of the file /cms/article/update. Executing a manipulation of the argument cid can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used. Th...
EUVD-2024-44202
Malicious code in bioql PyPI...
EUVD-2024-16776
Malicious code in bioql PyPI...
EUVD-2024-33669
Malicious code in bioql PyPI...
EUVD-2025-16406
Malicious code in bioql PyPI...
EUVD-2023-59366
Malicious code in bioql PyPI...
EUVD-2023-59213
Malicious code in bioql PyPI...
EUVD-2023-57973
Malicious code in bioql PyPI...
EUVD-2023-58310
Malicious code in bioql PyPI...
EUVD-2024-32923
Malicious code in bioql PyPI...