8337 matches found
EUVD-2023-51787
Malicious code in bioql PyPI...
EUVD-2022-52203
Malicious code in bioql PyPI...
EUVD-2025-24410
Malicious code in bioql PyPI...
EUVD-2023-34625
Malicious code in bioql PyPI...
EUVD-2024-31362
Malicious code in bioql PyPI...
EUVD-2025-32217
Malicious code in bioql PyPI...
EUVD-2024-1677
Malicious code in bioql PyPI...
EUVD-2025-27247
Malicious code in bioql PyPI...
EUVD-2023-50950
Malicious code in bioql PyPI...
RLSA-2025:8184 Important: gstreamer1-plugins-bad-free security update
GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package contains a collection of plug-ins for GStreamer. Security Fixes: GStreamer: GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution...
RLSA-2025:7892 Important: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: Cross-site Scripting XSS in Grafana via Custom Frontend Plugins and Open Redirect CVE-2025-4123 For more details about the security issues, including the impact, ...
gstreamer1-plugins-bad-free security update
An update is available for gstreamer1-plugins-bad-free. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GStreamer is a streaming media framework based on graphs...
grafana security update
An update is available for grafana. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Grafana is an open source, feature rich metrics dashboard and graph editor f...
CVE-2025-10212
The SiteAlert Formerly WP Health plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple functions in all versions up to, and including, 1.9.8. This makes it possible for unauthenticated attackers to view the site health information, includi...
CVE-2025-10212 SiteAlert (Formerly WP Health) <= 1.9.8 - Missing Authorization to Unauthenticated Site Health Information Exposure
The SiteAlert Formerly WP Health plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple functions in all versions up to, and including, 1.9.8. This makes it possible for unauthenticated attackers to view the site health information, includi...
MAL-2025-47898 Malicious code in @peterwiener/hoodle-plugins-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d6054e60226e11fc8823a0f2c40c7e12ac3bc01084f133848165156c128e777b The OpenSSF Package Analysis project identified '@peterwiener/hoodle-plugins-manager' @ 0.5.0 npm as malicious. It is considered malicious...
Malicious code in @peterwiener/hoodle-plugins-manager (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis d6054e60226e11fc8823a0f2c40c7e12ac3bc01084f133848165156c128e777b The OpenSSF Package Analysis project identified '@peterwiener/hoodle-plugins-manager' @ 0.5.0 npm as malicious. It is considered malicious...
How to Find Local File Inclusion (LFI) Vulnerabilities in WordPress Plugins and Themes
Local File Inclusion LFI occurs when user-controlled input is used to build a path to a file that is then included by the application. In WordPress and PHP web applications in general, this means values from $GET, $POST, $REQUEST, or other user-controlled sources end up in the include, require,...
Wordfence Intelligence Weekly WordPress Vulnerability Report (September 22, 2025 to September 28, 2025)
Calling all Vulnerability Researchers and Bug Bounty Hunters! Operation: Maximum Impact Challenge ! Now through November 10, 2025, earn 2X bounty rewards forall in-scope submissions in software with at least 5,000 active installs and fewer than 5 million active installs. Bounties up to $31,200 pe...
XWorm V6: Exploring Pivotal Plugins
XWorm V6: Exploring Pivotal Plugins By Niranjan Hegde and Sijo Jacob · October 2, 2025 Introduction In the constantly evolving world of cyber threats, staying informed is not just an advantage; it's a necessity. First observed in 2022, XWorm quickly gained notoriety as a highly effective malware,...