EUVD-2022-24891

Malicious code in bioql PyPI...

EUVD-2024-42428

Malicious code in bioql PyPI...

EUVD-2025-10620

Malicious code in bioql PyPI...

EUVD-2024-33030

Malicious code in bioql PyPI...

EUVD-2024-28118

Malicious code in bioql PyPI...

EUVD-2022-24933

Malicious code in bioql PyPI...

EUVD-2024-16620

Malicious code in bioql PyPI...

IBM InfoSphere 11.7.0.x < 11.7.1.6 SP1 Command Injection (7246170)

The version of IBM InfoSphere Information Server installed on the remote host is 11.7.0 prior to 11.7.1.6 SP1. It is, therefore, affected by a command injection vulnerability, as referenced in the 7246170 advisory. - IBM InfoSphere 11.7.0.0 through 11.7.1.6 Information Server could allow an...

CVE-2025-8214

The The Pack Elementor addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Typing Letter widget in all versions up to, and including, 2.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-34212

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.843 and Application prior to version 20.0.1923 VA/SaaS deployments possess CI/CD weaknesses: the build pulls an unverified third-party image, downloads the VirtualBox Extension Pack over plain HTTP without signature...

Denial Of Service (DoS)

PocketMine-MP is vulnerable to Denial Of Service DoS. The vulnerability is due to improper validation because the server does not verify uniqueness of packIds in STATUSSENDPACKS, allowing a malicious Bedrock client to send duplicate UUIDs and force repeated pack transfers until memory is exhauste...

CVE-2025-8214 The Pack Elementor addon <= 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Typing Letter Widget

The The Pack Elementor addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Typing Letter widget in all versions up to, and including, 2.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-8214 The Pack Elementor addon <= 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Typing Letter Widget

The The Pack Elementor addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Typing Letter widget in all versions up to, and including, 2.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-8214

CVE-2025-8214 concerns The Pack Elementor addon for WordPress. The vulnerability is a Stored Cross-Site Scripting (XSS) in the widget “Typing Letter”, affecting all versions up to and including 2.1.5. Root cause is insufficient input sanitization and output escaping on user-supplied attributes, e...

SUSE SLES15 Security Update : kernel (Live Patch 23 for SLE 15 SP5) (SUSE-SU-2025:03400-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03400-1 advisory. This update for the Linux Kernel 5.14.21-1505005594 fixes several issues. The following security issues were fixed: - CVE-2025-38177: schhfsc:...

SUSE SLES15 Security Update : kernel (Live Patch 26 for SLE 15 SP5) (SUSE-SU-2025:03397-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03397-1 advisory. This update for the Linux Kernel 5.14.21-15050055103 fixes several issues. The following security issues were fixed: - CVE-2025-38177: schhfsc...

SUSE SLES15 Security Update : kernel (Live Patch 8 for SLE 15 SP6) (SUSE-SU-2025:03410-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03410-1 advisory. This update for the Linux Kernel 6.4.0-1506002338 fixes several issues. The following security issues were fixed: - CVE-2025-38177: schhfsc:...

PT-2025-39938

Name of the Vulnerable Software and Affected Versions The Pack Elementor addon plugin for WordPress versions prior to 2.1.6 Description The software is susceptible to Stored Cross-Site Scripting through the Typing Letter widget. Insufficient input sanitization and output escaping on user-supplied...

CVE-2025-34212

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 22.0.843 and Application prior to version 20.0.1923 VA/SaaS deployments possess CI/CD weaknesses: the build pulls an unverified third-party image, downloads the VirtualBox Extension Pack over plain HTTP without signature...

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Netty (CVE-2025-25193)

Summary A vulnerability in Netty that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2025-25193 DESCRIPTION: Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118.Final. An unsaf...