EUVD-2008-1193
Malware in sbrugna...
EUVD-2015-3326
Malware in sbrugna...
EUVD-2019-13853
Malware in sbrugna...
EUVD-2020-3193
Malware in sbrugna...
EUVD-2019-13900
Malware in sbrugna...
EUVD-2021-7947
Malicious code in bioql PyPI...
EUVD-2024-48336
Malicious code in bioql PyPI...
EUVD-2025-9524
Malicious code in bioql PyPI...
aioHTTP < 3.12.14 Request Smuggling (CVE-2025-53643)
The version of aioHTTP installed on the remote host is prior to 3.12.14. It is, therefore, affected by a request smuggling vulnerability: - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request...
USN-7537-2: net-tools regression
USN-7537-1 fixed a vulnerability in net-tools that caused a regression. This update fixes the problem. Original advisory details: It was discovered that net-tools incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code...
CVE-2023-29747
Story Saver for Instragram - Video Downloader 1.0.6 for Android has an exposed component that provides a method to modify the SharedPreference file. An attacker can use the method to modify the data in any SharedPreference file; these data will be loaded into the memory when the...
CVE-2022-43868
IBM Security Verify Access OIDC Provider could disclose directory information that could aid attackers in further attacks against the system. IBM X-Force ID: 239445...
CVE-2022-32751
IBM Security Verify Directory 10.0.0 could disclose sensitive server information that could be used in further attacks against the system. IBM X-Force ID: 228437...
CVE-2025-2987 IBM Maximo Asset Management server-side request forgery
IBM Maximo Asset Management 7.6.1.3 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...
Cross-site Scripting (XSS)
codingms/additional-tca is vulnerable to cross-site scripting (XSS). The vulnerability stems from improper input encoding: a logged-in backend user can inject HTML content through the TYPO3 backend user interface, leading to potential XSS attacks...
CVE-2024-6829
A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to exploit the tarfile.extractall function to extract the contents of a maliciously crafted tarfile to arbitrary locations on the host server. The attacker can control repo.path and runhash to bypass directory existence checks and...
CVE-2024-12869 Improper Authentication in infiniflow/ragflow
In infiniflow/ragflow version v0.12.0, there is an improper authentication vulnerability that allows a user to view another user's invite list. This can lead to a privacy breach where users' personal or private information, such as email addresses or usernames in the invite list, could be exposed...
Linux Distros Unpatched Vulnerability : CVE-2019-11724
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Application permissions give additional remote troubleshooting permission to the site input.mozilla.org, which has been retired and now redirects to another sit...
CVE-2024-49336
IBM Security Guardium 11.5 and 12.0 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...
EulerOS 2.0 SP12 : python-requests (EulerOS-SA-2025-1181)
According to the versions of the python-requests package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been...