15 matches found
EUVD-2025-32286
Malicious code in bioql PyPI...
CVE-2025-10311
The Comment Info Detector plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.5. This is due to missing nonce validation on the options.php file when handling form submissions. This makes it possible for unauthenticated attackers to modify...
CVE-2025-8976 givanz Vvveb Endpoint post cross site scripting
A vulnerability has been found in givanz Vvveb up to 1.0.5. This vulnerability affects unknown code of the file /vadmin123/index.php?module=content/post&type=post of the component Endpoint. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been...
WordPress plugin Twitter Card Generator Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forger...
Mathtex Security Breach
Mathtex is a CGI program written in C for the Manim community. A security vulnerability exists in Mathtex version 1.05 and prior versions, which stems from a command injection vulnerability. A remote attacker can use this vulnerability to execute arbitrary code via a crafted string in the...
Taokeyun SQL Injection Vulnerability
Taokeyun is a shopping mall system by the individual developer jifeer. A SQL injection vulnerability exists in Taokeyun version 1.0.5 and earlier versions, which originates from a SQL injection vulnerability in the cid parameter of the index function in the application/index/controller/m/Drs.php file...
CVE-2023-26583
Unauthenticated SQL injection in the GetCurrentPeriod method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers...
CVE-2023-27260
Unauthenticated SQL injection in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1.052 and earlier allows extraction or modification of all data by unauthenticated attackers...
Hytec Inter HWL-2511-SS Command Injection Vulnerability
The Hytec Inter HWL-2511-SS is an industrial LTE router and Wi-Fi access point from Hytec Inter, Japan. A security vulnerability exists in the Hytec Inter HWL-2511-SS v1.05 and earlier, which stems from the component /www/cgi-bin/popen.cgi containing a command injection...
CVE-2022-23319
A segmentation fault during PCF file parsing in pcf2bdf versions =1.05 allows an attacker to trigger a program crash via a specially crafted PCF font file. This crash affects the availability of the software and dependent downstream components...
CVE-2021-22907
An improper access control vulnerability exists in Citrix Workspace App for Windows that potentially allows privilege escalation in CR versions prior to 2105 and 1912 LTSR prior to CU4...
CVE-2020-27715
On BIG-IP 15.1.0-15.1.0.5 and 14.1.0-14.1.3, crafted TLS request to the BIG-IP management interface via port 443 can cause high 100% CPU utilization by the httpd daemon...
Frenchbread Private-ip Code Issue Vulnerability
Frenchbread Private-ip is a JavaScript codebase by the individual developer Frenchbread for checking whether an IP is private. A security vulnerability exists in the Frenchbread Private-ip package prior to v1.0.5 that stems from insufficient regular expressions to adequately filter the reserved IP range, resulti...
FreeXL Heap Buffer Out-of-Bounds Read Vulnerability
FreeXL is an open source library for extracting valid data from Excel .xls spreadsheets developed by software developer Alessandro Furieri. A heap buffer out-of-bounds read vulnerability exists in the 'readminibiffnextrecord' function in versions of FreeXL prior to 1.0.5. An attacker could exploi...
Unspecified Vulnerability in Oracle Enterprise Manager Grid Control Enterprise Manager Base Platform Component
Oracle Enterprise Manager Grid Control is a suite of systems management software from Oracle Corporation. The software provides centralized monitoring, lifecycle management, and other functions for the Oracle IT architecture. Enterprise Manager Base Platform is one of the system management platfo...